[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy module limited to catching 1 login failure per second?

To: "Paul B. Henson" <henson@acm.org>, openldap-technical@openldap.org
Subject: Re: ppolicy module limited to catching 1 login failure per second?
From: Michael Ströder <michael@stroeder.com>
Date: Mon, 28 Apr 2014 08:22:28 +0200
In-reply-to: <20140428022906.GB1541@bender.unx.csupomona.edu>
References: <20140428022906.GB1541@bender.unx.csupomona.edu>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0 SeaMonkey/2.25

Paul B. Henson wrote:
> We're testing the ppolicy module for the purposes of enabling account
> lockout on our ldap infrastructure. During initial testing, I noticed
> that it didn't seem to be catching all of the failed logins, and then
> realized that the pwdFailureTime attribute in which they are stored
> seems to have a granularity of only 1 second?

Yes, there's already an ITS present for that:

http://www.openldap.org/its/index.cgi?findid=7161

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- RE: ppolicy module limited to catching 1 login failure per second?
  - From: "Paul B. Henson" <henson@acm.org>

References:
- ppolicy module limited to catching 1 login failure per second?
  - From: "Paul B. Henson" <henson@acm.org>

Prev by Date: ppolicy module limited to catching 1 login failure per second?
Next by Date: Re: deploying password policy module
Index(es):
- Chronological
- Thread