Commit | Line | Data |
---|---|---|
805e021f CE |
1 | =head1 NAME |
2 | ||
3 | kas_unlock - Unlocks a locked user account | |
4 | ||
5 | =head1 SYNOPSIS | |
6 | ||
7 | =for html | |
8 | <div class="synopsis"> | |
9 | ||
10 | B<kas unlock> S<<< B<-name> <I<authentication ID>> >>> | |
11 | S<<< [B<-admin_username> <I<admin principal to use for authentication>>] >>> | |
12 | S<<< [B<-password_for_admin> <I<admin password>>] >>> S<<< [B<-cell> <I<cell name>>] >>> | |
13 | S<<< [B<-servers> <I<explicit list of authentication servers>>+] >>> | |
14 | [B<-noauth>] [B<-help>] | |
15 | ||
16 | B<kas u> S<<< B<-na> <I<authentication ID>> >>> | |
17 | S<<< [B<-a> <I<admin principal to use for authentication>>] >>> | |
18 | S<<< [B<-p> <I<admin password>>] >>> S<<< [B<-c> <I<cell name>>] >>> | |
19 | S<<< [B<-s> <I<explicit list of authentication servers>>+] >>> [B<-no>] [B<-h>] | |
20 | ||
21 | =for html | |
22 | </div> | |
23 | ||
24 | =head1 DESCRIPTION | |
25 | ||
26 | The B<kas unlock> command unlocks the Authentication Database entry named | |
27 | by the B<-name> argument. An entry becomes locked when the user exceeds | |
28 | the limit on failed authentication attempts, generally by providing the | |
29 | wrong password to either an AFS-modified login utility or the B<klog> | |
30 | command. Use the B<kas setfields> command to set the limit and the lockout | |
31 | time, and the B<kas examine> command to examine the settings. | |
32 | ||
33 | To unlock all locked user accounts at once, shutdown the B<kaserver> | |
34 | process on every database server machine, and remove the | |
35 | F</usr/afs/local/kaauxdb> file from each one. The B<kaserver> process | |
36 | recreates the file as it restarts. | |
37 | ||
38 | =head1 OPTIONS | |
39 | ||
40 | =over 4 | |
41 | ||
42 | =item B<-name> <I<authentication ID>> | |
43 | ||
44 | Names the Authentication Database entry to unlock. | |
45 | ||
46 | =item B<-admin_username> <I<admin principal>> | |
47 | ||
48 | Specifies the user identity under which to authenticate with the | |
49 | Authentication Server for execution of the command. For more details, see | |
50 | L<kas(8)>. | |
51 | ||
52 | =item B<-password_for_admin> <I<admin password>> | |
53 | ||
54 | Specifies the password of the command's issuer. If it is omitted (as | |
55 | recommended), the B<kas> command interpreter prompts for it and does not | |
56 | echo it visibly. For more details, see L<kas(8)>. | |
57 | ||
58 | =item B<-cell> <I<cell name>> | |
59 | ||
60 | Names the cell in which to run the command. For more details, see | |
61 | L<kas(8)>. | |
62 | ||
63 | =item B<-servers> <I<authentication servers>>+ | |
64 | ||
65 | Names each machine running an Authentication Server with which to | |
66 | establish a connection. For more details, see L<kas(8)>. | |
67 | ||
68 | =item B<-noauth> | |
69 | ||
70 | Assigns the unprivileged identity C<anonymous> to the issuer. For more | |
71 | details, see L<kas(8)>. | |
72 | ||
73 | =item B<-help> | |
74 | ||
75 | Prints the online help for this command. All other valid options are | |
76 | ignored. | |
77 | ||
78 | =back | |
79 | ||
80 | =head1 EXAMPLES | |
81 | ||
82 | In the following example, an administrator using the C<admin> account | |
83 | unlocks the entry for C<jones>: | |
84 | ||
85 | % kas unlock -name jones -admin_username admin | |
86 | Administrator's (admin) Password: | |
87 | ||
88 | =head1 PRIVILEGE REQUIRED | |
89 | ||
90 | The issuer must have the C<ADMIN> flag set on his or her Authentication | |
91 | Database entry. | |
92 | ||
93 | =head1 SEE ALSO | |
94 | ||
95 | L<kas(8)>, | |
96 | L<kas_examine(8)>, | |
97 | L<kas_setfields(8)>, | |
98 | L<klog(1)> | |
99 | ||
100 | =head1 COPYRIGHT | |
101 | ||
102 | IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. | |
103 | ||
104 | This documentation is covered by the IBM Public License Version 1.0. It was | |
105 | converted from HTML to POD by software written by Chas Williams and Russ | |
106 | Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. |