|Summary:||"User account is locked" only locks local password|
|Product:||[Retired] Red Hat Linux||Reporter:||Matthew Miller <mattdm>|
|Component:||redhat-config-users||Assignee:||Brent Fox <bfox>|
|Status:||CLOSED RAWHIDE||QA Contact:|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2003-05-22 22:09:28 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Matthew Miller 2003-03-19 19:57:22 UTC
The user account properties dialog contains a "User account is locked" checkbox in the Account Info tab. This checkbox, however, only causes the local password to be !!'d out -- it doesn't actually "lock" the account in the way someone might expect. Someone using Kerberos, for example, can get in just fine. I see two possible solutions to this. First, change the wording to say "Local password is locked". Alternately, instead of locking with !!, change the account to be expired.
Comment 1 Brent Fox 2003-04-03 20:31:31 UTC
Nalin, how would you recommend that we address this?
Comment 2 Nalin Dahyabhai 2003-05-22 21:14:45 UTC
For now we should just document that we're locking the local password, but long-term we should roll Kerberos administration into the underlying management library. Doing that makes things *really* complicated, because you'll suddenly run into cases where the local admin can administer local files but nothing else.
Comment 3 Matthew Miller 2003-05-22 21:41:11 UTC
Cases where the local admin can administer local files but nothing else is pretty much the standard environment here. :)
Comment 4 Brent Fox 2003-05-22 22:09:28 UTC
I changed the string to say "Local password is locked". Should be fixed in redhat-config-users-1.1.6-1. Thanks for your report.