Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 Kerberos Server Version 3.12 Administrator's Guide: HP-UX 11i v3 > Chapter 8 Administering the Kerberos Server

Password Tab (Principal Information Window)
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

You can use the Password tab (Figure 8-5 “Password Tab”) on the Principal Information window to specify the password parameters for the principal.

Figure 8-5 Password Tab

Password Tab

Table 8-10 “Password Tab Components” describes the components of the Password tab.

Table 8-10 Password Tab Components

Component NameDescription
PrincipalDisplays the name of the principal that you are editing.

LDAP DN

Displays the LDAP DN that you are editing.

Password Expiration/Date

Indicates when the current principal password expires. Select Password Expiration/Date to activate password expiration for the current principal. If you do not enable this function, the password of the current principal never expires.

You can enter one of the following options in the Password Expiration/Date text box:

  • A date and time, in the following format: 

    HH:MM MM/DD/YYY

  • The keyword NEVER, which indicates that the principal will never expire.

Key Version Number

Specifies the version number of the principal password. The version number identifies the number of times the password has been changed. When a principal is created for the first time, its password version number is 1. Every time the password is changed, the version number is incremented by 1.

Password Last Changed

Indicates the date when the password was last changed. The keyword NEVER indicates that a user cannot change the password.

Change Password

Displays the Change Password window, which provides the option to specify a password or to generate a random key for the current principal.

Failed Auth Count

Specifies the number of failed authentication attempts since the last successful authentication by the principal. Every failed SignOn request by the client increments the Failed Auth Count value by 1. If the number exceeds the maximum value allowed by the MaxFailAuthCnt parameter in the password policy file, the principal account is automatically locked. To determine if a principal account is locked, click Principal Information>Attributes and verify if Lock Principal check box is selected. To unlock a principal, clear the check box.

Primary and Secondary Key Types

Specifies the available key encryption options: DES3, DES-MD5,and DES-CRC. Select a key encryption type for each salt type that you use.

Primary and Secondary Salt Types

Specifies the salt type for a principal. A Salt is a string of characters added to a password before it is transformed into the secret key. Each salt type, except None, has some data associated with it. The salt data is appended to the password before generating the DES3 or DES encrypted key. The salt key settings are controlled through the Password tab. Salts are used to strengthen passwords and to ensure that principals with the same passwords do not have the same key.

 

Change Password Window (Password Tab)

When you create a new principal using the Principal Information window>Password tab, HP Kerberos Administrator automatically displays the Change Password window (Figure 8-6 “Change Password Window”). Enter a new password and verify the password for user principals. You must select Generate Random Key only for service principals. If you select the Generate Random Key option, a unique encrypted key is created without entering a password.

Figure 8-6 Change Password Window

Change Password Window

Table 8-11 “Change Password Window Components” describes the components of the Change Password window.

Table 8-11 Change Password Window Components

ComponentsDescription
PrincipalDisplays the name of the principal that you are editing.
Generate Random Key

Generates a random key for a principal. Generating a random key always results in a unique key. Random keys are generally created for service principals.

New Password

Specifies the new password information. This is a temporary password because the principal is required to change the password of the user during next logon. The assumption is that the NoChangeReqPwd setting in the password policy file of the principal is set to 0 (zero), which is the default.

Verification

Re-enter your new password for verification.

 



Changing Password Information
  		 


Changing a Key Type  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2007 Hewlett-Packard Development Company, L.P.