Post by mharishm on Jun 16, 2021 10:08:39 GMT
As per the schema, we understood that when the "AccountLockoutCounterResetEnabled" property is set to "false", the account gets locked permanently on reaching the threshold value for failed login attempts.
Let's say the same account exists both in the Redfish account service (local account) and in an external account service provider.
Ex: Redfish account
username: admin, password: admin
External account service like LDAP/AD
username: admin, password: admin
Consider that the "AccountLockoutCounterResetEnabled" property is set to "false" and "LocalAccountAuth" is set to "LocalFirst".
Suppose we give the wrong password for the "admin" account continuously until its threshold limit is reached. What should be the ideal behaviour?
>> Give a 200 response even after reaching the threshold limit for failed login attempts, and authenticate to the Redfish service using the external account service like LDAP/AD?
>> Or should we lock the account permanently without checking the external account service?
What should be the ideal behaviour in this situation?
Thanks, Harish
Post by mraineri on Jun 29, 2021 18:31:53 GMT
In the scenario you've described, since "LocalAccountAuth" is set to "LocalFirst", I would expect the service to first fail local authentication since the account is locked out, and then try to authenticate with the external account provider. We've had a similar thread on this here (same usernames, but different passwords): redfishforum.com/thread/334/localaccountauth-design-explaination
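A small model of the decision described in this reply, written as an added example for this thread; it is not code from any Redfish service implementation. It assumes a toy in-memory dictionary standing in for the LDAP/AD provider, treats a locked local account as staying locked until an administrator clears it (AccountLockoutDuration is not modelled), and models only the LocalFirst, Fallback and Disabled values of LocalAccountAuth. The thread's scenario (admin/admin in both stores, counter reset disabled, LocalFirst) is reproduced in run_thread_scenario(), and counter_reset_demo() shows what changes when AccountLockoutCounterResetEnabled is true.

```python
"""Toy model of Redfish AccountService login handling: local lockout plus
LocalAccountAuth ordering. Added example; not from any Redfish implementation."""
import hmac
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class AccountServiceConfig:
    """Subset of the Redfish AccountService properties used by the model."""
    AccountLockoutThreshold: int = 3            # 0 disables lockout
    AccountLockoutCounterResetAfter: int = 30   # seconds
    AccountLockoutCounterResetEnabled: bool = False
    LocalAccountAuth: str = "LocalFirst"        # LocalFirst | Fallback | Disabled


@dataclass
class LocalAccount:
    username: str
    password: str                  # plaintext only because this is a model
    failed_attempts: int = 0
    last_failure: Optional[float] = None
    locked: bool = False           # assumption: stays locked until an admin clears it


class AuthModel:
    def __init__(self, cfg: AccountServiceConfig, local: List[LocalAccount],
                 external: Dict[str, str], external_available: bool = True):
        self.cfg = cfg
        self.local = {a.username: a for a in local}
        self.external = external               # hypothetical LDAP/AD stand-in
        self.external_available = external_available

    def _local_auth(self, username: str, password: str, now: float) -> str:
        acct = self.local.get(username)
        if acct is None:
            return "no-account"
        if acct.locked:
            return "locked"            # password is not even checked once locked
        if hmac.compare_digest(acct.password.encode(), password.encode()):
            acct.failed_attempts = 0
            return "ok"
        cfg = self.cfg
        # The counter only decays when CounterResetEnabled is true; otherwise
        # every failure since the last success accumulates, however old it is.
        if (cfg.AccountLockoutCounterResetEnabled and acct.last_failure is not None
                and now - acct.last_failure >= cfg.AccountLockoutCounterResetAfter):
            acct.failed_attempts = 0
        acct.failed_attempts += 1
        acct.last_failure = now
        if cfg.AccountLockoutThreshold and acct.failed_attempts >= cfg.AccountLockoutThreshold:
            acct.locked = True
            return "locked"
        return "bad-password"

    def _external_auth(self, username: str, password: str) -> str:
        if not self.external_available:
            return "unavailable"
        expected = self.external.get(username)
        if expected is None:
            return "no-account"
        ok = hmac.compare_digest(expected.encode(), password.encode())
        return "ok" if ok else "bad-password"

    def authenticate(self, username: str, password: str, now: float = 0.0) -> Tuple[bool, str]:
        """Return (True, source) on success, else (False, 'local:<why>+external:<why>')."""
        mode = self.cfg.LocalAccountAuth
        if mode == "LocalFirst":
            order = ["local", "external"]       # local failure (incl. lockout) falls through
        elif mode == "Disabled":
            order = ["external"]
        elif mode == "Fallback":
            order = ["external"] if self.external_available else ["local"]
        else:
            raise ValueError(f"LocalAccountAuth value not modelled: {mode}")
        outcomes = []
        for source in order:
            result = (self._local_auth(username, password, now) if source == "local"
                      else self._external_auth(username, password))
            if result == "ok":
                return True, source
            outcomes.append(f"{source}:{result}")
        return False, "+".join(outcomes)


def run_thread_scenario() -> Tuple[List[Tuple[bool, str]], bool]:
    """admin/admin in both stores, threshold 3, counter reset disabled, LocalFirst."""
    cfg = AccountServiceConfig(AccountLockoutThreshold=3,
                               AccountLockoutCounterResetEnabled=False,
                               LocalAccountAuth="LocalFirst")
    model = AuthModel(cfg, [LocalAccount("admin", "admin")], {"admin": "admin"})
    trace = [model.authenticate("admin", "wrong", now=t) for t in range(3)]
    trace.append(model.authenticate("admin", "admin", now=3))   # correct password after lockout
    return trace, model.local["admin"].locked


def counter_reset_demo() -> bool:
    """Two failures, a long pause, a third failure: with the counter allowed to
    reset after 30 s the third failure starts a fresh count, so no lockout."""
    cfg = AccountServiceConfig(AccountLockoutThreshold=3,
                               AccountLockoutCounterResetEnabled=True)
    model = AuthModel(cfg, [LocalAccount("admin", "admin")], {})
    for t in (0, 1, 100):
        model.authenticate("admin", "wrong", now=t)
    return model.local["admin"].locked


if __name__ == "__main__":
    print(run_thread_scenario(), counter_reset_demo())
```

In the modelled scenario the third wrong password locks the local account, and the fourth attempt with the correct password still succeeds, but via the external provider; the local account remains locked until an administrator clears it. That is the behaviour the reply describes: the lockout is a local-account state, and LocalFirst only says the local check runs before the external one.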