the man page for default.conf mentions setting session_auth_duration and session_duration_type but these parameters are not relevant anymore after the introduction of privilege separation (tickets #5959 and #7001)
The man page should rather describe the parameter kinit_lifetime that allows to limit the lifetime of ticket obtained by users authenticating to the WebGUI using login/password.
Targeting ipa-4-5 as the change was introduced in 4.5.2
Metadata Update from @frenaud:
- Issue set to the milestone: FreeIPA 4.5.5
Metadata Update from @cheimes:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
to comment on this ticket.