83def5bc18
Since c6bf100b password quality checks have been moved out of kadmindd and into
libkadm5. This means that all password changes are subject to quality checks,
if enforce_on_admin_set is true (the default). In rare instances it could be
possible for realm initialization to fail because the randomly generated
passwords do not pass the password quality test. Fix this by creating
principals with no password or key, rather than with a random password.
Random *keys* continue to be set immediately after the principal is created,
and before DISALLOW_ALL_TIX is unset, so there should be no functionality or
security implications from this change. It is safe to call a server-side API
such as kadm5_s_create_principal_with_key() as local_flag is asserted to be
true.
Heimdal
Heimdal is a Kerberos 5 implementation.
For information how to install see here.
There are man pages for most of the commands.
Bug reports and bugs are appreciated. Use GitHub issues or send e-mail to heimdal-bugs@h5l.org.
For more information see the project homepage https://www.h5l.org/ or the mailing lists:
- heimdal-announce@sics.se low-volume announcement
- heimdal-discuss@sics.se high-volume discussion
Send e-mail to heimdal-announce-request@sics.se and heimdal-discuss-request@sics.se respectively to subscribe.
Build Status