It's an undocumented feature that you need to specify when building Kerberos named something like updates database. And the "kadmin modprinc (+-)allow_tix [EMAIL PROTECTED]" allows you to enable/disable the account. I believe the number of failed attempts before blacklisting is kept in the kdc.conf file.
Ido Levy wrote: > Hello All, > > Is there a way to lock the user principal in case of unsuccessful logins ? > If yes what is the way to unlock the user ? > > When issuing getprinc one of the fields is "Failed password attempts:" > Is there a way to use this field ? > > Is this mechanism relates to Kerberos or to LDAP ? > > Thanks, > > Ido Levy > > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos >
smime.p7s
Description: S/MIME Cryptographic Signature
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
