1. Proposed title of this feature request:

Adding a temporary lock to kubeadmin account

2. What is the nature and description of the request?

Since OpenShift OAuth does not support such functionality by default, they want the system configured in a way  to be able to trigger an account lockout for a reasonable lockout period. Possibly subsequent to 4 failed login attempts. (Slowdown Timer / Temp Lockout / Perm. Lockout)

3. Why does the customer need this? (List the business requirements here)

It doesn't comply with a compliance requirement. They want this configuration to trigger a lockout.

Notes:

• They are on OCP 4.8.35

-They want it on all, lab, PreProd & Prod.

-They already have an integration with LDAP and this part works for AD accounts; they now want for kubeadmin.

Their ask is; "is kubeadmin is using oAuth mechanism? does the oAuth mechanism support temporary account lockout?"