Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Administration
Manual Administration Using kadmin
Chapter 6176
Numberof Specifythe number offailed authentication attempts
authentication the principal is allowed. The number must be an
failures (fcnt) integer between 0 and 255.
Key Version The number must be an integer between 0 and 255.
Number (vno) When you create a principal, its key version number
(vno) is 1 and then it automatically increments by one
each time the key is changed. You can manually change
the key version number using this command.
The general syntax for modifying an existing principal is:
command: mod
To modify the principal admin, you need to do the following:
Command: mod
Name of Principal to Modify: admin
Parameter Type to be Modified (attr,fcnt,vno or quit):<option>
Principal modified.
Enter the Parameter type to be modified at the command line prompt.
Based on the parameter you have opted for the principal is modified. The
following sections of this chapter entail a detailed description of the
parameter types.
Number of Authentication failures (fcnt)
When you create a principal, the failed authentication count is
automatically set to zero. The user associated with that principal
increments the failed authentication count by one for each failed
authentication attempt.
If the user has more consecutive authentication failures than allowed by
the MaxFailAuthCnt parameter in the password policy file, the principal
is locked. Before the user can attempt to authenticate again, the
administrator must unlock the principal, which resets the fcnt to zero.
If the user successfully authenticates before the maximum failed
authentication count value, fcnt is automatically reset to zero.
To modify the parameter type fcnt for the principal admin, you need to
do the following: