[OpenAFS] Missing admin/hosts/users policies in recent krb-server build (RHEL4.5)

Russ Allbery rra@stanford.edu
Sat, 22 Nov 2008 10:59:59 -0800


avison48 <avison48@yahoo.co.uk> writes:

> This was asked on comp.protocols.kerberos, but no answers. Maybe someone
> here has the experience to have seen this before.
>
> I built a test kerberos server in Sept & it has some pre-installed
> account policies. But in duplicating this (prod server & other test
> servers, same OS & kerberos versions), no pre-installed policies!
> googled a couple hours about this, but can't find any answers.

I've never seen an MIT KDC pre-install any policies other than default,
but I guess I haven't ever looked that closely.

Anyway, policies are trivial in an MIT KDC.  They only have five
parameters, all of which are fairly obvious.  You can pretty trivially
create whatever policy you need.  I don't think the pre-installed policies
are really doing anything that useful for you.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>