Subject: | Account lockout not transparently reported to administrators via get_principal |
kadmin get_principal reports the last successful authentication, the
last failed authentication, and the number of failed password attempts.
We should also report:
* The last administrative unlock timestamp
* Whether the account is locked out, and for how long
last failed authentication, and the number of failed password attempts.
We should also report:
* The last administrative unlock timestamp
* Whether the account is locked out, and for how long