Skip Menu |
 

Subject: Account lockout not transparently reported to administrators via get_principal
kadmin get_principal reports the last successful authentication, the
last failed authentication, and the number of failed password attempts.
We should also report:

* The last administrative unlock timestamp
* Whether the account is locked out, and for how long