Administering the Kerberos Server
Password Tab (Principal Information Window)
Table | Password Tab Components (Continued) | ||
|
|
| |
| Component Name | Description | |
|
|
| |
| Failed Auth Count | Specifies the number of failed authentication | |
|
|
| attempts since the last successful |
|
|
| authentication by the principal. Every failed |
|
|
| SignOn request by the client increments the |
|
|
| Failed Auth Count value by 1. If the number |
|
|
| exceeds the maximum value allowed by the |
|
|
| MaxFailAuthCnt parameter in the password |
|
|
| policy file, the principal account is |
|
|
| automatically locked. To determine if a |
|
|
| principal account is locked, click Principal |
|
|
| Information>Attributes and verify if Lock |
|
|
| Principal check box is selected. To unlock a |
|
|
| principal, clear the check box. |
|
|
|
|
| Primary and |
| Specifies the available key encryption options: |
| Secondary Key |
| DES3, |
| Types |
| encryption type for each salt type that you |
|
|
| use. |
|
|
|
|
| Primary and |
| Specifies the salt type for a principal. A Salt |
| Secondary Salt |
| is a string of characters added to a password |
| Types |
| before it is transformed into the secret key. |
|
|
| Each salt type, except None, has some data |
|
|
| associated with it. The salt data is appended |
|
|
| to the password before generating the DES3 or |
|
|
| DES encrypted key. The salt key settings are |
|
|
| controlled through the Password tab. Salts |
|
|
| are used to strengthen passwords and to |
|
|
| ensure that principals with the same |
|
|
| passwords do not have the same key. |
|
|
|
|
When you create a new principal using the Principal Information window>Password tab, HP Kerberos Administrator automatically displays the Change Password window (Figure
162 | Chapter 8 |