Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

splitting authentication instances and changing passwords

John DeStefano john.destefano at gmail.com
Wed Feb 4 10:19:09 PST 2009


Hi folks,

We are thinking of splitting our Kerberos-backed, WebAuth- 
authenticated services into two, separate Kerberos accounts.  Since  
the users' current Kerberos passwords are encrypted, the admins don't  
know what they are, and they cant be ported to another Kerberos  
instance (AFAIK).  Thus, when a user first attempts to authenticate to  
the new services, their initial authentication attempts will fail.   
Ideally, these initial failures could redirect the users to a page  
authenticated by their current ("old") Kerberos password using  
WebAuth, which could prompt the users to change their passwords, and  
which would save the new passwords to the new service's new Kerberos  
accounts.

I was wondering whether some application or set of scripts for doing  
this already exists -- not a directly WebAuth-related question, but I  
thought this as good a place to ask as any.

Thank you,
~John



More information about the webauth-info mailing list