On 8/12/20 5:39 AM, Dario García Díaz-Miguel wrote: > kadmin -k -t $KEYTABLOCATION -p $SERVICEPRINCIPAL -q "cpw $PRINCIPAL -pw > $PASSWORD" > > What we found is that this command ignores the password policy assigned to > the principal, including all the complexity rules and history options. No > matter if the command is launched in a kadmin console interactive mode, > policies are totally ignored. > > If we use: > > kpasswd $PRINCIPAL
That's unexpected, and it's not the behavior I see in a test environment: $ kadmin.local addpol -minlength 6 testpol $ kadmin.local modprinc -policy testpol user $ kadmin -k -p user/admin cpw -pw pw user change_password: Password is too short while changing password for "u...@krbtest.com". $ kadmin.local cpw -pw pw user change_password: Password is too short while changing password for "u...@krbtest.com". What software and version is running on the kadmin server? ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos