As admin, I have configured my /etc/ipa/default.conf with the parameters session_auth_duration and session_duration_type in order to limit the length of time WebUI session will last without prompting for re-authentication. These parameters are not used any more after the implementation of privilege separation (tickets #5959 and #7001). In this case, the upgrade should update the content of default.conf and configure kinit_lifetime with a value providing the same behavior as session_auth_duration. or at least provide a warning that these parameters are not used any more.
Metadata Update from @rcritten: - Issue priority set to: normal - Issue set to the milestone: FreeIPA 4.8
Login to comment on this ticket.