Hide Forgot
Description of problem: kinit fails with the message: kinit: ASN.1 failed call to system time library while getting initial credentials Or (krbpasswordexpiration == 20380119031408Z) tels you to change your password: Password expired. You must change it now. Enter new password: Version-Release number of selected component (if applicable): krb5-server-1.9.2-6.fc16.x86_64 krb5-workstation-1.9.2-6.fc16.x86_64 freeipa-server-2.1.4-5.fc16.x86_64 389-ds-base-1.2.10-0.10.rc1.fc16.x86_64 How reproducible: - - use "kinit <user>" Steps to Reproduce: 1. Use ldapmodify to change the value of "krbpasswordexpiration" to 20380119031408Z "<user>" 2. Use "kinit <user>" to get a ticket 3. repeat steps 1 and 2 with a value larger than 20380119031408Z 4. repeat steps 1 and 2 with a valu of 20380119031407Z or lower Actual results: 2. Password expired. You must change it now. 3. kinit: ASN.1 failed call to system time library while getting initial credentials Expected results: - like in the case 4. ticket granted, klist lists the ticket Additional info:
Please use https://bugzilla.redhat.com/show_bug.cgi?id=797333 for further communication about this issue.
Thank you taking your time and submitting this request for FreeIPA in Fedora. Unfortunately, this bug was not given a priority and was deferred both in Fedora and in the upstream FreeIPA project. Given that we are unable to fulfill this request in following Fedora releases, I am closing the Bugzilla as DEFERRED. To request re-consideration of this decision please reopen this Bugzilla and provide additional technical details about its importance to you. Note that you can still track this request or even contribute patches in the referred upstream Trac ticket.