The Enforce Login Restrictions feature of the Novell® Kerberos KDC allows you to do the following:
Enforce the login restrictions of the eDirectory™ users for Kerberos authentications. For every authentication request by a Kerberos principal, the Novell Kerberos KDC checks for the associated eDirectory user’s various login based restrictions, such as address restrictions, time restrictions, intruder detection, account disabled, login expiration, password expiration, and grace logins expiration.
Update the login statistics for both successful and failed authentication attempts to enforce the login restrictions configured. For example, the account is locked when the configured number of bad password attempts is exceeded.