Previous Topic: Endpoint Custom Settings TabNext Topic: Microsoft Active Directory

Screens and TabsTabsEndpoint Account Management TabsAccount Management ScreensKerberosAccount Tab

Account Tab

Use this tab to view and modify the account properties of a principal and account template.

The fields in this tab are listed below:

Account ID

Specifies the name of the Kerberos account.

Rule String: %AC%

Suspended

When checked, specifies the account ID is suspended.

*For Accounts Only

Password

Specifies the password of the Kerberos principal.

Size/Type: 0 to 64 alpha-numeric characters

Rule String: %p%

Confirm Password

Confirms the password.

*For Accounts Only

Choose Random Password Check Box

When checked, specifies that the password of the principal is randomly generated. The generated password conforms to the selected password account template.

enc:salt List Box

Displays the available and assigned encryption type and salt pairs. You can add or remove assigned encryption type and salt pairs as needed..

Note: If there is no password change, the list box is read-only. If the password is changed or Choose Random Password is selected, the list box is enabled and can be edited.

Password Policy

Specifies the password policy for the account.

Suspended

When checked, specifies that the account is suspended.

Maximum Ticket Life

Specifies the maximum ticket life of the Kerberos principal in days, hours minutes and seconds.

Renewable Life of a Ticket

Specifies the maximum renewable life of a ticket for the Kerberos principal in days, hours, minutes and seconds.

Expiration User

Specifies the expiration date of the principal. Click the Calendar to select the date.

Expiration Password

Specifies the expiration date of the principal's password.Click the Calendar to select the date.

ALLOW POST DATED

When checked, specifies that the principal is can receive post-dated tickets.

ALLOW FORWARDABLE

When checked, specifies that the principal can receive forwardable tickets.

ALLOW RENEWABLE

When checked, specifies that the principal is not prohibited from obtaining renewable tickets.

ALLOW PROXIABLE

When checked, specifies that the principal can receive proxiable tickets.

ALLOW DUP SKEY

When checked, specifies that the principal can receive a session key for another user.

REQUIRES PREAUTH

When checked, specifies that the principal must pre-authenticate before being allowed to kinit.

REQUIRES HWAUTH

When checked, specifies that the principal must pre-authenticate using a hardware device before being allowed to kinit.

ALLOW SVR

When checked, specifies service tickets can be issued to this principal.

ALLOW TGS REQ

When checked, specifies that a Ticket-Granting Service request for a service ticket is permitted for this principal.

ALLOW TIX

When checked, specifies that the principal can be issued tickets.

REQUIRE PWD CHANGE

When checked, specifies that a flag is set to force a password change.

PWD CHANGE SERVICE

When checked, specifies that a flag is set to mark this principal as a password change service.