We currently do not honour the krbprincipalexpiration attribute for LDAP binds.
A simple place to check and deny auth would be to check for it in the pre_bind operation.
3.4 development was shifted for one month, moving tickets to reflect reality better.
Linking with the right Bugzilla (previous closed as duplicate).
Adjusting time plan - 3.4 development was postponed as we focused on 3.3.x testing and stabilization.
This ticket is not complete yet, moving to next month milestone.
Metadata Update from @simo:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 4.0 - 2014/04
to comment on this ticket.
Copyright © 2014-2018 Red Hat
4.0.4 — Documentation