...
Change Password Property | Default Value | Description |
|---|---|---|
changepw.principal | kadmin/changepw@EXAMPLE.COM | Principal for this Change Password server |
changepw.primary.realm | EXAMPLE.COM | Primary realm this Change Password service serves |
changepw.port | 464 | The port for the Change Password protocol to use |
changepw.entry.basedn | ou=Users,dc=example,dc=com | Base DN for looking up users |
changepw.encryption.types | des-cbc-md5 | Allowed Kerberos Cipher Text type(s) |
changepw.empty.addresses.allowed | true | Whether tickets issued with empty Host Addresses are allowed |
changepw.allowable.clockskew | 5 minutes | Allowable clockskew for all Change Password transactions |
changepw.password.length | 6 characters | Minimum password length |
changepw.category.count | 3 (out of 4) | Number of character categories required (A - Z), (a - z), (0 - 9), non-alphanumeric (!, $, #, %, ... ) |
changepw.token.size | 3 characters | Password must not contain tokens larger than 3 characters that occur in the user's principal name. |
changepw.buffer.size | 1024 | Buffer size for MINA ByteBuffers |
java.naming.ldap.attributes.binary | krb5Key | MANDATORY for JNDI to return Kerberos keys as binary, not String |
Changing Passwords with Windows 2003
Configure the Windows 2003 workstation to use an Apache Change Password server:
| Code Block |
|---|
C:> Ksetup /addkpasswd REALM.EXAMPLE.COM kdc.realm.example.com
|
Change a password using Windows Security:
1. After logging on, press CTRL+ALT+DEL.
2. Click on the button labeled "Change Password ..."
3. Enter the Old Password and New Password (twice) and click OK.
Or change a password using the Command Prompt:
| Code Block |
|---|
C:> Ksetup /domain /changepassword <old-password> <new-password>
|