Question for time based group membership in FL 2016
Kees van Vloten
keesvanvloten at gmail.com
Thu Feb 1 22:34:09 UTC 2024
On 01-02-2024 22:33, Douglas Bagnall wrote:
> hi Kees,
>
>> Still, if you know what this powershell call changes in the LDAP
>> record of the group, the user or elsewhere in LDAP, you can mimic
>> this functionality quite easily with a little cron script on the DC.
>
> I had similar thoughts, but it sounds this Windows Server 2016 feature
> is a bit cleverer than that -- in particular, the KDC will not issue
> tickets that outlive an expiring group.
>
> cheers,
> Douglas
>
Thanks for providing more background, Douglas!
- Kees.
More information about the samba-technical
mailing list