lists.arthurdejong.org
RSS feed

Account locked out after one wrong password attempt

[Date Prev][Date Next] [Thread Prev][Thread Next]

Account locked out after one wrong password attempt




Hi everyone

I configured the following line in /etc/nslcd.conf:

uri DNS:ad.example.org

In our environment this entry resolves to 5 active directory domain controllers.

Currently, if a user enters a wrong password, nslcd tries to authenticate against all 5 domain controllers and fails at every DC. As a consequence the user is locked out as our AD policy allows 4 wrong password attempts.

I would like to specify as many DCs as possible, in order to ensure login is possible even if one or more DCs are down. I would also like nss-pam-ldapd to stop authenticating immediately after the first failed login attempt and not try authenticating in vain against the remaing four domain controllers.

Is it possible to configure the above mentioned scenario?

I am using version 0.8.13

Thanks for any support.

Thomas
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/