Nicolas Williams wrote:
> On Mon, Dec 10, 2007 at 08:32:57PM -0500, Yu, Ming wrote:
>> But I am still not clear how to "lock out" account after n-times of
>> failed login.
>>
>> Are you saying there is no way to do it in current version of MIT
>> kerberos?
>
> I'm saying that the MIT a
On Mon, Dec 10, 2007 at 08:32:57PM -0500, Yu, Ming wrote:
> But I am still not clear how to "lock out" account after n-times of
> failed login.
>
> Are you saying there is no way to do it in current version of MIT
> kerberos?
I'm saying that the MIT and Solaris KDCs do not support that f
gt;
> Please clarify.
>
> Thanks,
>
> Ming
>
>
> *From:* Douglas E. Engert [mailto:[EMAIL PROTECTED]
> *Sent:* Mon 12/10/2007 6:11 PM
> *To:* Yu, Ming
> *Cc:* kerberos@mit.edu
> *Subject:* Re: A
On Dec 10, 2007, at 18:58, Nicolas Williams wrote:
> The answer is that an MIT KDC with plain old db2 backend can't do it.
> An MIT KDC with an LDAP backend could do it, but it doesn't yet.
The code to support this in either back end is there, but not
compiled by default. Unfortunately, some c
"Yu, Ming" <[EMAIL PROTECTED]> writes:
> But I am still not clear how to "lock out" account after n-times of
> failed login.
>
> Are you saying there is no way to do it in current version of MIT
> kerberos?
Right, there's no way to do it at a Kerberos level. There are various
things th
s Williams [mailto:[EMAIL PROTECTED]
Sent: Mon 12/10/2007 6:58 PM
To: Douglas E. Engert
Cc: Yu, Ming; kerberos@mit.edu
Subject: Re: Account lockout support in Solaris 10 when authenticating against
Kerberos
On Mon, Dec 10, 2007 at 05:11:21PM -0600, Douglas E. Engert wrote:
> Y
From: Douglas E. Engert [mailto:[EMAIL PROTECTED]
Sent: Mon 12/10/2007 6:11 PM
To: Yu, Ming
Cc: kerberos@mit.edu
Subject: Re: Account lockout support in Solaris 10 when authenticating against
Kerberos
Yu, Ming wrote:
> Hi! Guys,
>
>
>
>We are trying to authen
On Mon, Dec 10, 2007 at 05:11:21PM -0600, Douglas E. Engert wrote:
> Yu, Ming wrote:
> >Does anybody know how to implement account lockout
> > features on Solaris 10 when the user authenticates against Kerberos?
>
> See "man shadow". /etc/passwd, NIS or LDAP can have *LK* to indic
Yu, Ming wrote:
> Hi! Guys,
>
>
>
>We are trying to authenticate users against Kerberos on
> Solaris 10.
>
>
>
>I found that MIT Kerberos does not support account
> lockout and/or inactive account lockout features.
>
>
>
>Does anybody kn
Hi! Guys,
We are trying to authenticate users against Kerberos on
Solaris 10.
I found that MIT Kerberos does not support account
lockout and/or inactive account lockout features.
Does anybody know how to implement account lockout
features on
10 matches
Mail list logo