git.ipfire.org Git - thirdparty/samba.git/commit

]> git.ipfire.org Git - thirdparty/samba.git/commit

projects / thirdparty / samba.git / commit

author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Tue, 8 Aug 2023 22:47:08 +0000 (10:47 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Mon, 14 Aug 2023 04:57:34 +0000 (04:57 +0000)
commit	0cf658cd10d3a2cee429615f3c01bb6bd4bd4ddb
tree	48180fcc1b190b64ebc964210fcb60ef7b89e99a	tree \| snapshot
parent	7026b08e23e2b64b1cbbaa2b95a14b6b4350cef0	commit \| diff

s4:kdc: Don’t issue forwardable or proxiable tickets to Protected Users

If an authentication policy enforces a maximum TGT lifetime for a
Protected User, that limit should stand in place of the four-hour limit
usually applied to Protected Users; we should nevertheless continue to
ensure that forwardable or proxiable tickets are not issued to such
users.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

selftest/knownfail_heimdal_kdc		diff \| blob \| blame \| history
selftest/knownfail_mit_kdc_1_20		diff \| blob \| blame \| history
source4/kdc/db-glue.c		diff \| blob \| blame \| history

Mirror of https://github.com/samba-team/samba.git

RSS Atom