IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-15 19:01:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
797baef1a4
freeipa/daemons/ipa-slapi-plugins/ipa-lockout
History
Rob Crittenden 797baef1a4 Fix lockout of LDAP bind. 
There were several problems:

- A cut-n-paste error where the wrong value was being considered when
  an account was administratively unlocked.
- An off-by-one error where LDAP got one extra bind attempt.
- krbPwdPolicyReference wasn't being retrieved as a virtual attribute so
  only the global_policy was used.
- The lockout duration wasn't examined in the context of too many failed
  logins so wasn't being applied properly.
- Lockout duration wasn't used properly so a user was effectively unlocked
  when the failure interval expired.
- krbLastFailedAuth and krbLoginFailedCount are no longer updated past
  max failures.

https://fedorahosted.org/freeipa/ticket/3433
2013-03-21 15:44:53 -04:00
..
ipa_lockout.c Fix lockout of LDAP bind. 2013-03-21 15:44:53 -04:00
lockout-conf.ldif Update kerberos password policy values on LDAP binds. 2011-01-21 13:59:24 -05:00
Makefile.am Update kerberos password policy values on LDAP binds. 2011-01-21 13:59:24 -05:00