Raritan Computer DSX-0N-E Security Camera User Manual


  Open as PDF
of 233
 
CHAPTER 12: COMMAND LINE INTERFACE 145
The above 3 machines should be pingable by FQDN. Get the hosts file using
gethostnamefile from the Kerberos menu.
Use klist to check the ticket expiration.
Most of the kadmin error messages are associated with ticket expiration
Kadmin: -List principal and add missing principal if it doesn’t already exist in the KDC
database.
Browser rule : Do not include the REALM part when the browser prompts for principal.
Telnet access : Use –x –l and –k option appropriately. Telnet will initially print that
authentication
Key and Definitions:
1. For KDC, Kadmind, the application server and client machine, refer to : the MIT
Kerberos FAQ [ http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html ]
2. FQDN : Fully Qualified Domain Name
Note: Information about setting up KDC kadmind is not in the scope of this document. Use
the references mentioned in this section for this information.
Kerberos Command Example
1) admin > Security > Kerberos > getkrbconfig ip 192.168.52.197
login vijay password vijayv path /home/vijay/krb5.conf
Success
2)
kadmin: addprinc host/dsx-182.domain.com@REALM
kadmin: addprinc HTTP/dsx-182.raritan.com@RARITAN.COM
Loginsettings Commands
The loginsettings command menu provides access to the commands used to configure the
systemwide login settings. The loginsettings commands are listed in the table below.
Table 62 Loginsettings Commands
COMMAND DESCRIPTION
idletimeout Set systemwide idletimeout.
inactiveloginexpiry Configure local login expiry time.
invalidloginretries Configure local login max number of retries.
localauth Configure local authentication.
lockoutperiod Lockout period on invalid login attempt.
singleloginperuser Restrict to a single login session per user.
strongpassword Configure strong password rules.
unauthorizedportaccess Unauthorized (Anonymous) port access.
idletimeout Command
The idletimeout command sets or changes the amount of idle time allowed before the system
disconnects the user.
The syntax of the idletimeout command is:
 previous next