diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-01-18 14:58:58 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-01-21 13:59:24 -0500 |
| commit | cf9ec1c4271e1f2b35f9a4377550064bad0387c3 (patch) | |
| tree | 5f586544af7a8ca1f701d182d1584374b864d27b /daemons/ipa-slapi-plugins/ipa-lockout/lockout-conf.ldif | |
| parent | 4361cd02422d8a6b30d67bb6869af9c67f7ec9c0 (diff) | |
| download | freeipa-cf9ec1c4271e1f2b35f9a4377550064bad0387c3.tar.gz freeipa-cf9ec1c4271e1f2b35f9a4377550064bad0387c3.tar.xz freeipa-cf9ec1c4271e1f2b35f9a4377550064bad0387c3.zip | |
Update kerberos password policy values on LDAP binds.
On a failed bind this will update krbLoginFailedCount and krbLastFailedAuth
and will potentially fail the bind altogether.
On a successful bind it will zero krbLoginFailedCount and set
krbLastSuccessfulAuth.
This will also enforce locked-out accounts.
See http://k5wiki.kerberos.org/wiki/Projects/Lockout for details on
kerberos lockout.
ticket 343
Diffstat (limited to 'daemons/ipa-slapi-plugins/ipa-lockout/lockout-conf.ldif')
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-lockout/lockout-conf.ldif | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-lockout/lockout-conf.ldif b/daemons/ipa-slapi-plugins/ipa-lockout/lockout-conf.ldif new file mode 100644 index 00000000..8a13fc94 --- /dev/null +++ b/daemons/ipa-slapi-plugins/ipa-lockout/lockout-conf.ldif @@ -0,0 +1,15 @@ +dn: cn=IPA Lockout,cn=plugins,cn=config +changetype: add +objectclass: top +objectclass: nsSlapdPlugin +objectclass: extensibleObject +cn: IPA Lockout +nsslapd-pluginpath: libipa_lockout +nsslapd-plugininitfunc: ipalockout_init +nsslapd-plugintype: object +nsslapd-pluginenabled: on +nsslapd-pluginid: ipalockout_version +nsslapd-pluginversion: 1.0 +nsslapd-pluginvendor: Red Hat, Inc. +nsslapd-plugindescription: IPA Lockout plugin +nsslapd-plugin-depends-on-type: database |