Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Stop loading policy for pw_expiration in LDAP
populate_krb5_db_entry() performs a subsidiary LDAP search to load the password policy, which it uses to update the pw_expiration field. This has some minimal value (it causes pw_expiration values in principals to auto-update whenever the pw_max_life field of a policy changes), but it's complicated, expensive, and inconsistent with the DB2 back end. Get rid of it. ticket: 7535 (new)
- Loading branch information