Steps to reproduce: 1) Create new Password policy 2) Set --maxfail to lets say 10 (value does not matter) 3) Set --lockouttime to lets say 60 (value does not matter) 4) Try to kinit as user in group for which the policy was created 5) The account is locked after various number of failed attemps, not exactly after 10.
It works correctly when --failinterval is set to number != 0 .
Doc string should be enhanced.
Metadata Update from @pvomacka: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5
Metadata Update from @mbasti: - Issue close_status updated to: None - Issue set to the milestone: FreeIPA 4.5.1 (was: FreeIPA 4.5)
Metadata Update from @pvoborni: - Issue set to the milestone: FreeIPA 4.7 (was: FreeIPA 4.5.1)
Metadata Update from @rcritten: - Issue set to the milestone: FreeIPA 4.7.1 (was: FreeIPA 4.7)
FreeIPA 4.7 has been released, moving to FreeIPA 4.7.1 milestone
Login to comment on this ticket.