From 3f40f1492cd39574c80af1a01e3771bd86c7027d Mon Sep 17 00:00:00 2001 From: Jan Zeleny Date: Thu, 10 Feb 2011 08:02:27 -0500 Subject: Updated default Kerberos password policy https://fedorahosted.org/freeipa/ticket/930 --- install/share/default-pwpolicy.ldif | 4 ++-- install/updates/50-lockout-policy.update | 4 ++++ install/updates/Makefile.am | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 install/updates/50-lockout-policy.update (limited to 'install') diff --git a/install/share/default-pwpolicy.ldif b/install/share/default-pwpolicy.ldif index 9d3d8a755..1bb4a096e 100644 --- a/install/share/default-pwpolicy.ldif +++ b/install/share/default-pwpolicy.ldif @@ -8,7 +8,7 @@ krbPwdMinDiffChars: 0 krbPwdMinLength: 8 krbPwdHistoryLength: 0 krbMaxPwdLife: 7776000 -krbPwdMaxFailure: 3 +krbPwdMaxFailure: 6 krbPwdFailureCountInterval: 60 -krbPwdLockoutDuration: 10 +krbPwdLockoutDuration: 600 diff --git a/install/updates/50-lockout-policy.update b/install/updates/50-lockout-policy.update new file mode 100644 index 000000000..302ab81c9 --- /dev/null +++ b/install/updates/50-lockout-policy.update @@ -0,0 +1,4 @@ +dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX +replace:krbPwdLockoutDuration:10:600 +replace: krbPwdMaxFailure:3:6 + diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am index b474cd1c5..26318e144 100644 --- a/install/updates/Makefile.am +++ b/install/updates/Makefile.am @@ -10,6 +10,7 @@ app_DATA = \ 20-replication.update \ 20-winsync_index.update \ 40-delegation.update \ + 50-lockout-policy.update \ $(NULL) EXTRA_DIST = \ -- cgit