Skip Menu |
 

From: ghudson@mit.edu
Subject: SVN Commit

The account lockout feature of krb5 1.8 came at a cost in database
accesses for principals requiring preauth, even if lockout is not
used. Add dbmodules variables disable_last_success and
disable_lockout for the DB2 and LDAP back ends, allowing the admin to
recover the lost performance at the cost of new functionality.

(Unrelated documentation fix: document database_name as a DB2-specific
dbmodules variable instead of the realm variable it used to be.)


https://github.com/krb5/krb5/commit/6eacb6d5f29da306ea605a5efb00c0d01c3182b1
Commit By: ghudson
Revision: 24003
Changed Files:
U trunk/doc/admin.texinfo
U trunk/src/include/k5-int.h
U trunk/src/plugins/kdb/db2/kdb_db2.c
U trunk/src/plugins/kdb/db2/kdb_db2.h
U trunk/src/plugins/kdb/db2/lockout.c
U trunk/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h
U trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
U trunk/src/plugins/kdb/ldap/libkdb_ldap/lockout.c
From: ghudson@mit.edu
Subject: SVN Commit

Document the disable_last_success and disable_lockout variables in
krb5.conf.M. Also document database_name in krb5.conf.M and slightly
adjust the wording in admin.texinfo.


https://github.com/krb5/krb5/commit/263b6258c20e52b648b68a2580fb6cffc7e84d2a
Commit By: ghudson
Revision: 24078
Changed Files:
U trunk/doc/admin.texinfo
U trunk/src/config-files/krb5.conf.M