Projects / k5expire


K5expire is a tool to complement a Kerberos/LDAP server combination. It checks all kerberos principals per user in LDAP for password and/or account expiration and sends email to the owners if they will expire in a preconfigured amount of time. It started as a hack to emulate the behavior of expiration found in pam_unix and Windows, but this method is believed to be less intrusive because it does not delay the login process.

Operating Systems

Recent releases

  •  04 Jul 2007 10:58

    Release Notes: Support for XMLSensor output was added.

    •  09 May 2007 14:10

      Release Notes: This is the final release of k5expire 2.0, it changes the way the program works since version 1.0. All users in an LDAP directory are now matched with kerberos principals that are checked for expired accounts and passwords.

      •  22 Feb 2007 15:57

        Release Notes: This is a major rewrite of k5expire. This version checks all user accounts in an LDAP directory, looks up the associated Kerberos principals, and checks for expiration. It does not rely on a list of users like 1.0, which makes it easier to maintain in a large setup.


        Project Spotlight


        A Fluent OpenStack client API for Java.


        Project Spotlight

        TurnKey TWiki Appliance

        A TWiki appliance that is easy to use and lightweight.