[Freeipa-devel] [PATCH 558] Allow disabling requireing preauth by default for Service Principal Names
Simo Sorce
simo at redhat.com
Tue Nov 24 21:20:58 UTC 2015
This addresses #3860, giving admins the option to not require preauth
for Hosts and services.
I did not add this option by default, although it does reduce the load
on the KDC as well as speed up TGT acquisition for service principal
accounts that acquire TGTs.
Tested and working as expected (SPNs are not returned PREAUTH_NEEDED
error while normal users are).
HTH,
Simo.
--
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-simo-558-1-Allow-admins-to-disable-preauth-for-SPNs.patch
Type: text/x-patch
Size: 6582 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20151124/52afefb4/attachment.bin>
More information about the Freeipa-devel
mailing list