- Often with Active Directory a Kerberos host keytab is needed to bind with
LDAPoperations. On many sites security policies do not allow never-expiring passwords so the keytab needs to renewed eventually, currently requiring manual steps to obtain a new keytab.
SSSDshould support automated renewal of Kerberos host keytabs as
- Is it possible to set password expiry policy to the Red Hat Enterprise Linux system computer accounts created in the Active Directory Server?
- When computer accounts are created using
adclion RHEL 6), their passwords are set to never expire. RHEL systems should have passwords recycled just like any other Windows client.
- Red Hat Enterprise Linux 7.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.