Re: How to lock/unlock the user principal
Thank you for the info !
What do you mean by saying "when building Kerberos named something like
updates database" ?
Did you test this feature ?
15/01/2008 16:57 Ido Levy/Haifa/IBM@IBMIL
Re: How to lock/unlock the user
It's an undocumented feature that you need to specify when building
Kerberos named something like updates database. And the "kadmin modprinc
(+-)allow_tix principal@realm" allows you to enable/disable the account.
I believe the number of failed attempts before blacklisting is kept in
the kdc.conf file.
Ido Levy wrote:[color=blue]
> Hello All,
> Is there a way to lock the user principal in case of unsuccessful[/color]
> If yes what is the way to unlock the user ?
> When issuing getprinc one of the fields is "Failed password attempts:"
> Is there a way to use this field ?
> Is this mechanism relates to Kerberos or to LDAP ?
> Ido Levy
> Kerberos mailing list [email]Kerberos@mit.edu[/email]