When using FreeIPA windows there are time when user lock themself. And when we check FreeIPA UI we don’t see any problem. Actually the problem is user is locked out in Kerberos Database. Hence to make it work we have to unlock the user in kerberos database. Below are the steps.
# kadmin.local kadmin: getprinc mohan
Below is the output from above command.
Last successful authentication: [never]
Last failed authentication: Thu Sep 03 11:30:33 IST 2014
Failed password attempts: 4
To unlock the user below is the command.
kadmin: modprinc -unlock mohan