Account lockout failure count

The account lockout feature has one attribute called: Failures Before Lockout. According to the sun doc, it is said that it is 'how many consecutive failures are allowed before Directory Server locks the account'. My question is: if the user ssh into the LDAP client and type a wrong password, do sshd and pam service all log one record for the failed attempt? In another words, does pam count one failure and the sshd count one failure (totally 2 times) or just either pam or sshd count one time failure (totally only 1 time)?

Thanks,

--xinhuan

[566 byte] By [xhza] at [2007-11-27 4:47:58]

«« How to import msaccess into mysql in lan using jdbc
»» How to provide streaming in J2EE web application?

# 1

These are more questions of implementation of the pam module.

But, Directory Server uses only LDAP Bind failed authentication to increase the counters. So, I would say that an ssh user typing a wrong pasword should only translate into a single failed Bind request and thus 1 failure.

Ludovic.

ludovicpa at 2007-7-12 10:00:46 >

top of Java-index,Web & Directory Servers,Directory Servers...

# 2

Thanks Ludovic. Your information is very helpful.--xinhuan

xhza at 2007-7-12 10:00:46 >

Web & Directory Servers

Directory Servers

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Account lockout failure count

Web & Directory Servers New Topic

Web & Directory Servers Hot Topic

Web & Directory Servers

All Classified