Hi I have finally started to get around to analysing the krb5kdc.logs from our production server. Most of it was simple but I can't seem to find a marker for a failed login with an incorrect password. I see the same log entry for sucessful or unsuccessful logins using kinit?
failed login Feb 20 13:33:19 keberos krb5kdc[29389](info): AS_REQ (1 etypes {1}) nnn.nnn.nnn.nnn: ISSUE: authtime 1140395599, etypes {rep=1 tkt=16 ses=1}, [EMAIL PROTECTED] for krbtgt/[EMAIL PROTECTED] successful login Feb 20 13:33:24 kerberos krb5kdc[29389](info): AS_REQ (1 etypes {1}) nnn.nnn.nnn.nnn: ISSUE: authtime 1140395604, etypes {rep=1 tkt=16 ses=1}, [EMAIL PROTECTED] for krbtgt/[EMAIL PROTECTED] Is it even possible to tell from the KDC? Cheers Matt ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos