[hcoop/debian/openafs.git] / doc / man-pages / pod8 / kas_unlock.pod

=head1 NAME

kas_unlock - Unlocks a locked user account

=head1 SYNOPSIS

=for html
<div class="synopsis">

B<kas unlock> S<<< B<-name> <I<authentication ID>> >>>
    S<<< [B<-admin_username> <I<admin principal to use for authentication>>] >>>
    S<<< [B<-password_for_admin> <I<admin password>>] >>> S<<< [B<-cell> <I<cell name>>] >>>
    S<<< [B<-servers> <I<explicit list of authentication servers>>+] >>>
    [B<-noauth>] [B<-help>]

B<kas u> S<<< B<-na> <I<authentication ID>> >>>
    S<<< [B<-a> <I<admin principal to use for authentication>>] >>>
    S<<< [B<-p> <I<admin password>>] >>> S<<< [B<-c> <I<cell name>>] >>>
    S<<< [B<-s> <I<explicit list of authentication servers>>+] >>> [B<-no>] [B<-h>]

=for html
</div>

=head1 DESCRIPTION

The B<kas unlock> command unlocks the Authentication Database entry named
by the B<-name> argument. An entry becomes locked when the user exceeds
the limit on failed authentication attempts, generally by providing the
wrong password to either an AFS-modified login utility or the B<klog>
command. Use the B<kas setfields> command to set the limit and the lockout
time, and the B<kas examine> command to examine the settings.

To unlock all locked user accounts at once, shutdown the B<kaserver>
process on every database server machine, and remove the
F</usr/afs/local/kaauxdb> file from each one. The B<kaserver> process
recreates the file as it restarts.

=head1 OPTIONS

=over 4

=item B<-name> <I<authentication ID>>

Names the Authentication Database entry to unlock.

=item B<-admin_username> <I<admin principal>>

Specifies the user identity under which to authenticate with the
Authentication Server for execution of the command. For more details, see
L<kas(8)>.

=item B<-password_for_admin> <I<admin password>>

Specifies the password of the command's issuer. If it is omitted (as
recommended), the B<kas> command interpreter prompts for it and does not
echo it visibly. For more details, see L<kas(8)>.

=item B<-cell> <I<cell name>>

Names the cell in which to run the command. For more details, see
L<kas(8)>.

=item B<-servers> <I<authentication servers>>+

Names each machine running an Authentication Server with which to
establish a connection. For more details, see L<kas(8)>.

=item B<-noauth>

Assigns the unprivileged identity C<anonymous> to the issuer. For more
details, see L<kas(8)>.

=item B<-help>

Prints the online help for this command. All other valid options are
ignored.

=back

=head1 EXAMPLES

In the following example, an administrator using the C<admin> account
unlocks the entry for C<jones>:

   % kas unlock -name jones -admin_username admin
   Administrator's (admin) Password:

=head1 PRIVILEGE REQUIRED

The issuer must have the C<ADMIN> flag set on his or her Authentication
Database entry.

=head1 SEE ALSO

L<kas(8)>,
L<kas_examine(8)>,
L<kas_setfields(8)>,
L<klog(1)>

=head1 COPYRIGHT

IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0.  It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Commit	Line	Data
805e021f CE	1	=head1 NAME
	2
	3	kas_unlock - Unlocks a locked user account
	4
	5	=head1 SYNOPSIS
	6
	7	=for html
	8	<div class="synopsis">
	9
	10	B<kas unlock> S<<< B<-name> <I<authentication ID>> >>>
	11	S<<< [B<-admin_username> <I<admin principal to use for authentication>>] >>>
	12	S<<< [B<-password_for_admin> <I<admin password>>] >>> S<<< [B<-cell> <I<cell name>>] >>>
	13	S<<< [B<-servers> <I<explicit list of authentication servers>>+] >>>
	14	[B<-noauth>] [B<-help>]
	15
	16	B<kas u> S<<< B<-na> <I<authentication ID>> >>>
	17	S<<< [B<-a> <I<admin principal to use for authentication>>] >>>
	18	S<<< [B<-p> <I<admin password>>] >>> S<<< [B<-c> <I<cell name>>] >>>
	19	S<<< [B<-s> <I<explicit list of authentication servers>>+] >>> [B<-no>] [B<-h>]
	20
	21	=for html
	22	</div>
	23
	24	=head1 DESCRIPTION
	25
	26	The B<kas unlock> command unlocks the Authentication Database entry named
	27	by the B<-name> argument. An entry becomes locked when the user exceeds
	28	the limit on failed authentication attempts, generally by providing the
	29	wrong password to either an AFS-modified login utility or the B<klog>
	30	command. Use the B<kas setfields> command to set the limit and the lockout
	31	time, and the B<kas examine> command to examine the settings.
	32
	33	To unlock all locked user accounts at once, shutdown the B<kaserver>
	34	process on every database server machine, and remove the
	35	F</usr/afs/local/kaauxdb> file from each one. The B<kaserver> process
	36	recreates the file as it restarts.
	37
	38	=head1 OPTIONS
	39
	40	=over 4
	41
	42	=item B<-name> <I<authentication ID>>
	43
	44	Names the Authentication Database entry to unlock.
	45
	46	=item B<-admin_username> <I<admin principal>>
	47
	48	Specifies the user identity under which to authenticate with the
	49	Authentication Server for execution of the command. For more details, see
	50	L<kas(8)>.
	51
	52	=item B<-password_for_admin> <I<admin password>>
	53
	54	Specifies the password of the command's issuer. If it is omitted (as
	55	recommended), the B<kas> command interpreter prompts for it and does not
	56	echo it visibly. For more details, see L<kas(8)>.
	57
	58	=item B<-cell> <I<cell name>>
	59
	60	Names the cell in which to run the command. For more details, see
	61	L<kas(8)>.
	62
	63	=item B<-servers> <I<authentication servers>>+
	64
65	Names each machine running an Authentication Server with which to
66	establish a connection. For more details, see L<kas(8)>.
67
68	=item B<-noauth>
69
70	Assigns the unprivileged identity C<anonymous> to the issuer. For more
71	details, see L<kas(8)>.
72
73	=item B<-help>
74
75	Prints the online help for this command. All other valid options are
76	ignored.
77
78	=back
79
80	=head1 EXAMPLES
81
82	In the following example, an administrator using the C<admin> account
83	unlocks the entry for C<jones>:
84
85	% kas unlock -name jones -admin_username admin
86	Administrator's (admin) Password:
87
88	=head1 PRIVILEGE REQUIRED
89
90	The issuer must have the C<ADMIN> flag set on his or her Authentication
91	Database entry.
92
93	=head1 SEE ALSO
94
95	L<kas(8)>,
96	L<kas_examine(8)>,
97	L<kas_setfields(8)>,
98	L<klog(1)>
99
100	=head1 COPYRIGHT
101
102	IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
103
104	This documentation is covered by the IBM Public License Version 1.0. It was
105	converted from HTML to POD by software written by Chas Williams and Russ
106	Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.