From: | ghudson@mit.edu |
Subject: | SVN Commit |
The account lockout feature of krb5 1.8 came at a cost in database
accesses for principals requiring preauth, even if lockout is not
used. Add dbmodules variables disable_last_success and
disable_lockout for the DB2 and LDAP back ends, allowing the admin to
recover the lost performance at the cost of new functionality.
(Unrelated documentation fix: document database_name as a DB2-specific
dbmodules variable instead of the realm variable it used to be.)
https://github.com/krb5/krb5/commit/6eacb6d5f29da306ea605a5efb00c0d01c3182b1
Commit By: ghudson
Revision: 24003
Changed Files:
U trunk/doc/admin.texinfo
U trunk/src/include/k5-int.h
U trunk/src/plugins/kdb/db2/kdb_db2.c
U trunk/src/plugins/kdb/db2/kdb_db2.h
U trunk/src/plugins/kdb/db2/lockout.c
U trunk/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h
U trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
U trunk/src/plugins/kdb/ldap/libkdb_ldap/lockout.c