Filter
Top Products
Managing Access Server Security 22-11
Managing Kerberos
Changing a User Name and Password
Once the network manager has set up the access server, users can change their own
passwords on the master KDC for their realm.
Example: Sample Kerberos User Authentication Session
The following example shows a sample session for changing a password. The way that
message 468 wraps may appear differently on your terminal screen.
Local> kpasswd
Username> smith
Old password> oldpassword (not echoed)
New password> newpassword (not echoed)
Verification> newpassword (not echoed)
Local -468- Attempting to change Kerberos password for user
smith@finance.acme.com
Local -469- Kerberos password has been changed
Local>
Alternative Password Command
Instead of the KPASSWD command, you can also use the DEFINE KERBEROS
PASSWORD COMMAND as described in the
Network Access Server Command
Reference
.
User Authentication Counters
This section describes the user authentication counters. These counters display
information that is useful for detecting problems.
Network Access Server User Authentication Counters
The following example shows how to display the user authentication counters for the
access server:
Local> SHOW SERVER AUTHENTICATION COUNTERS
Total Total
attempts failures
User authentication (all realms): 16 0
Total Valid Error
Packets Packets Packets
Sent Received Received
Realm: mfg.acme.com 8 8 0
Realm: sales.acme.com 7 6 1
Realm: finance.acme.com 1 1 0
Time since counters last zeroed: 1 01:55:14