Hi all,

I am having a problem with my Kerberos authentication. For the most part, everything is working like it should exept for one small thing. Here are the details...

My Linux workstation authenticates against the Active Directory using Kerberos. The problem occurs when the AD starts sending messages back that the password is about to expire. When I try to login, and the password is set to expire in, say, 3 days, I get a login failed. Maybe the kerberos doesn't know what to do with the messages??? I don't know. Also, if a password is already expired, I cannot get in either.

Does anyone know if there has been an work done with this? Specifically, password maintenance through Kerberos. I did a little research and others seem to have the same problem, but no real solution. It is a very frustrating problem.

Thanks!

To give a few more details...we are using heimdal kerberos with pam for login, xdm, ssh, etc. SuSE distro