diff options
| author | Greg Hudson <ghudson@mit.edu> | 2010-05-21 03:08:18 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2010-05-21 03:08:18 +0000 |
| commit | 263b6258c20e52b648b68a2580fb6cffc7e84d2a (patch) | |
| tree | fd4d4e286f03153fce05b5e5c14552179627cec7 | |
| parent | b2b972bb559c7f9df289d814bce1ba1f55eb3416 (diff) | |
| download | krb5-263b6258c20e52b648b68a2580fb6cffc7e84d2a.tar.gz krb5-263b6258c20e52b648b68a2580fb6cffc7e84d2a.tar.xz krb5-263b6258c20e52b648b68a2580fb6cffc7e84d2a.zip | |
Document the disable_last_success and disable_lockout variables in
krb5.conf.M. Also document database_name in krb5.conf.M and slightly
adjust the wording in admin.texinfo.
ticket: 6719
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24078 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | doc/admin.texinfo | 4 | ||||
| -rw-r--r-- | src/config-files/krb5.conf.M | 17 |
2 files changed, 19 insertions, 2 deletions
diff --git a/doc/admin.texinfo b/doc/admin.texinfo index ad122a7eba..5da912768d 100644 --- a/doc/admin.texinfo +++ b/doc/admin.texinfo @@ -1054,8 +1054,8 @@ For each section, the following tags may be specified in the subsection: This tag indicates the name of the loadable database library. The value should be @samp{db2} for DB2 database and @samp{kldap} for LDAP database. @itemx database_name -This DB2-specific tag indicates the location of the database. The -default is @* @code{@value{DefaultDatabaseName}}. +This DB2-specific tag indicates the location of the database in the +filesystem. The default is @* @code{@value{DefaultDatabaseName}}. @itemx disable_last_success If set to @code{true}, suppresses KDC updates to the ``Last successful diff --git a/src/config-files/krb5.conf.M b/src/config-files/krb5.conf.M index 412156bdfa..5ecfd426c7 100644 --- a/src/config-files/krb5.conf.M +++ b/src/config-files/krb5.conf.M @@ -585,6 +585,23 @@ The following tags are used in this section: This relation indicates the name of the configuration section under dbmodules for database specific parameters used by the loadable database library. +.IP database_name +This DB2-specific tag indicates the location of the database in the +filesystem. + +.IP disable_last_success +If set to true, suppresses KDC updates to the "Last successful +authentication" field of principal entries requiring +preauthentication. Setting this flag may improve performance. +(Principal entries which do not require preauthentication never update +the "Last successful authentication" field.) + +.IP disable_lockout +If set to true, suppresses KDC updates to the "Last failed +authentication" and "Failed password attempts" fields of principal +entries requiring preauthentication. Setting this flag may improve +performance, but also disables account lockout. + .IP ldap_kerberos_container_dn This LDAP specific tag indicates the DN of the container object where the realm objects will be located. This value is used if no object DN is mentioned in the |