-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 25 Feb 1997, Jean Chess wrote:
I think that I can add something at your list:
How can I disable the possibility of two (or more) concurent logins using
the same userID?
> I have tac_plus 2.1 running for authentication with a Cisco comm server.
> There are a couple features that I don't think it is possible to
> implement with the tac_plus code as is - Any comments/suggestions?
> - lock out users after n successive failures
> I know how to configure the cisco to kick them out after attempts,
> but I don't think there is anyway with just tac_plus to also disable
> the user account on the tacacs server.
> - pre-expire/age passwords and allow users to change them
> When I set an account as expired in the config file, it is
> simply invalid - can't figure out any way to warn user and query
> for a new password.
> I think the Shiva and CiscoSecure provide these options - but I assume
> they do it through enhanced code.
> Jean Chess
> RPM Associates, Inc.
> Pager: 800-504-8235
Network Administrator - LOGIC TELECOM SA
e-mail: <cornel @
PGP Key at: <http://swissnet.ai.mit.edu:11371/pks/lookup?op=get&search=0x41C3DBE9>
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----