Jan Zeleny wrote:
Rob Crittenden<rcrit...@redhat.com> wrote:
Jan Zelený wrote:
Jan Zeleny<jzel...@redhat.com> wrote:
Rob Crittenden<rcrit...@redhat.com> wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/930
I put there a value Dmitri suggested. Feel free to change it before
pushing if you think there should be the originally suggested 10 login
attempts.
We want to increase krbPwdLockoutDuration too, to 600.
rob
Sorry, I didn't realize it was in seconds. I just saw 10 and figured
it's ok it's already there. Anyway, I'm sending the updated patch.
Just a reminder that this patch needs to be re-reviewed.
Thanks
Jan
I think we need to fix this as an update file rather than changing the
default install. It would look something like:
dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
replace:krbPwdLockoutDuration: 10: 600
replace: krbPwdMaxFailure: 3: 6
I'm ok with fixing it in both places.
rob
Here it is, hopefully I got it right this time. I wasn't sure about the file
number, but from guidelines in README I guess it's ok.
Jan
I removed the spaces before the integers, I guess the updater was
sending ' 600' as the update instead of '600'.
ack, pushed to master
rob
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel