From c38adcf25a45804f4a5a9e07d25315861357e06a Mon Sep 17 00:00:00 2001 From: Marc 'risson' Schmitt Date: Tue, 29 Oct 2024 17:30:33 +0100 Subject: [PATCH] sources/kerberos: add kiprop to ignored system principals (#11852) --- blueprints/system/sources-kerberos.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blueprints/system/sources-kerberos.yaml b/blueprints/system/sources-kerberos.yaml index d97e8eda539c..8664183b7ee0 100644 --- a/blueprints/system/sources-kerberos.yaml +++ b/blueprints/system/sources-kerberos.yaml @@ -38,7 +38,7 @@ entries: name: "authentik default Kerberos User Mapping: Ignore system principals" expression: | localpart, realm = principal.rsplit("@", 1) - denied_prefixes = ["kadmin/", "krbtgt/", "K/M", "WELLKNOWN/"] + denied_prefixes = ["kadmin/", "krbtgt/", "K/M", "WELLKNOWN/", "kiprop/", "changepw/"] for prefix in denied_prefixes: if localpart.lower().startswith(prefix.lower()): raise SkipObject