Filter
Top Products
Managing Kerberos
22-10 Managing Access Server Security
User Authentication Procedure
When the system administrator configures Kerberos security features for a given
access server port, you need to enter a valid user name and password when you log on
to the access server. A complete Kerberos principal name has the following format:
user-name[.instance]@realm-name
To abort the authentication process, press the Break key or the Local Switch key.
By default, Kerberos allows you three attempts to enter a valid user name and
password. After three unsuccessful attempts to enter a user name and password, the
access server disables the authentication procedure on the port for a period of 1 minute.
To change the default number of invalid authentication attempts, use the SET
PASSWORD LIMIT command.
Example: Authentication with a Complete User Name
The following example shows a typical user authentication that uses the complete form
of the Kerberos principal name. This session assumes that the Kerberos administrator
has entered your user name and password in the Kerberos database.
Username> smith.su@finance.acme.com
Password> (not echoed)
Local - 450 - Attempting to authenticate
user:smith.su@finance.acme.com
Local - 451 - Authentication successful
Local>
Example: Authentication Using the First Portion of the User Name
If a default realm is configured, you have to enter only the first portion of the user name
as shown in the following example:
Username> smith
Password> (not echoed)
Local - 450 - Attempting to authenticate user:
smith@finance.acme.com
Local - 451 - Authentication successful
Local>