#1774 move processing of password expiration back to PAM provider only
Closed: Invalid None Opened 6 years ago by jhrozek.

Since bf8cce7 we process the LDAP password expiration warning in the responder, but the Kerberos password expiration warning in the provider. That is wrong architecture, we should move all the processing back to responder only.


Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.10 beta
priority: major => minor
type: defect => task

Fields changed

rhbz: => 0

I don't know what I was smoking when I filed this ticket. It's complete nonsense, for two reasons:
1. the logic cannot be in responders, some parts of it are provider-specific. In other words, we implement different password expiration warnings in Kerberos back end and LDAP back end.
2. It's already implemented correctly in providers. There's no change needed.

Sorry for the noise.

resolution: => invalid
review: => 0
status: new => closed

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.10 beta

2 years ago

Login to comment on this ticket.

Metadata