[hcoop/debian/openafs.git] / doc / man-pages / pod5 / kaserverauxdb.pod

=head1 NAME

kaserverauxdb - Records failed authentication attempts

=head1 DESCRIPTION

The file F<kaserverauxdb> records failed authentication attempts for the
local Authentication Server. The server creates it automatically in the
F</usr/afs/local> directory by default; use the B<-localfiles> argument to
the B<kaserver> command to specify an alternate directory.

The F<kaserverauxdb> file is an internal database used by the
Authentication Server to prevent access by users who have exceeded the
limit on failed authentication attempts defined in their Authentication
Database entry. The Authentication Server refuses further attempts to
authenticate to an account listed in the database until either an AFS
system administrator issues the B<kas unlock> command to unlock the
account, or the timeout period defined in the user's Authentication
Database entry passes.

The F<kaserverauxdb> file is in binary format, so its contents are not
directly accessible. However, the output from the B<kas examine> command
reports an account's maximum number of failed attempts, the lockout time,
and whether the account is currently locked.

=head1 CAUTIONS

The Authentication Server is obsolete and is provided only for sites that
need to use it while preparing for a migration to Kerberos KDC. It will be
removed in a future version of OpenAFS.

=head1 SEE ALSO

L<kaserver.DB0(5)>,
L<kas_examine(8)>,
L<kas_unlock(8)>,
L<kaserver(8)>

=head1 COPYRIGHT

IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0.  It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Commit	Line	Data
805e021f CE	1	=head1 NAME
	2
	3	kaserverauxdb - Records failed authentication attempts
	4
	5	=head1 DESCRIPTION
	6
	7	The file F<kaserverauxdb> records failed authentication attempts for the
	8	local Authentication Server. The server creates it automatically in the
	9	F</usr/afs/local> directory by default; use the B<-localfiles> argument to
	10	the B<kaserver> command to specify an alternate directory.
	11
	12	The F<kaserverauxdb> file is an internal database used by the
	13	Authentication Server to prevent access by users who have exceeded the
	14	limit on failed authentication attempts defined in their Authentication
	15	Database entry. The Authentication Server refuses further attempts to
	16	authenticate to an account listed in the database until either an AFS
	17	system administrator issues the B<kas unlock> command to unlock the
	18	account, or the timeout period defined in the user's Authentication
	19	Database entry passes.
	20
	21	The F<kaserverauxdb> file is in binary format, so its contents are not
	22	directly accessible. However, the output from the B<kas examine> command
	23	reports an account's maximum number of failed attempts, the lockout time,
	24	and whether the account is currently locked.
	25
	26	=head1 CAUTIONS
	27
	28	The Authentication Server is obsolete and is provided only for sites that
	29	need to use it while preparing for a migration to Kerberos KDC. It will be
	30	removed in a future version of OpenAFS.
	31
	32	=head1 SEE ALSO
	33
	34	L<kaserver.DB0(5)>,
	35	L<kas_examine(8)>,
	36	L<kas_unlock(8)>,
	37	L<kaserver(8)>
	38
	39	=head1 COPYRIGHT
	40
	41	IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
	42
	43	This documentation is covered by the IBM Public License Version 1.0. It was
	44	converted from HTML to POD by software written by Chas Williams and Russ
	45	Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.