Password interaction with remote aaa servers, Configuring the account lockout threshold – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual
Page 225
Network OS NETCONF Operations Guide
193
53-1003231-02
Password policies
15
Configuring the account lockout threshold
You can configure the lockout threshold. The lockout threshold is the number of times a user can
attempt to log in with an incorrect password before the account is locked. The number of failed
login attempts is counted from the last successful login. This value can be set to a value from 0
through 16. A value of 0 disables the lockout mechanism (default).
1. Issue the
urn:brocade.com:mgmt:brocade-aaa namespace.
2. Under the
the lockout threshold.
The following example sets the lockout threshold to 4.
?xml version="1.0" encoding="UTF-8"?>
When a user account is locked, it can be unlocked using the procedure described in
Password interaction with remote AAA servers
The password policies apply to local switch authentication only. External AAA servers such as
RADIUS, TACACS+, or LDAP provide server-specific password-enforcement mechanisms. The
Network OS password management commands operate on the switch-local password database
only, even when the switch is configured to use an external AAA service for authentication. When so
configured, authentication through remote servers is applied to login only.
When remote AAA server authentication is enabled, an administrator can still perform user and
password management functions on the local password database.
For more information on remote AAA server authentication, refer to