Sponsored Content
Full Discussion: User Account Policy
Operating Systems Linux User Account Policy Post 302710093 by yprudent on Thursday 4th of October 2012 01:28:38 AM
Old 10-04-2012
User Account Policy

Hi,
i have the following config in the system-auth files

PHP Code:
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    
/lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      
/lib/security/$ISA/pam_deny.so

account     required      
/lib/security/$ISA/pam_unix.so
account     sufficient    
/lib/security/$ISA/pam_succeed_if.so uid 100 quiet
account     required      
/lib/security/$ISA/pam_permit.so

password    requisite     
/lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password    sufficient    
/lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      
/lib/security/$ISA/pam_deny.so

session     required      
/lib/security/$ISA/pam_limits.so
session     required      
/lib/security/$ISA/pam_unix.so 
and i want a user to be able to try to enter a password on 3 time then the account shall be locked for 60 secondes. HAving a look to some post i tried the following:

PHP Code:
auth        required      /lib/security/$ISA/pam_env.so
#auth        required      /lib/security/$ISA/pam_tally.so onerr=fail deny=3 unlock_time=60
auth        required      /lib/security/$ISA/pam_tally.so deny=3 unclok_time=60
auth        sufficient    
/lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      
/lib/security/$ISA/pam_deny.so

account     required      
/lib/security/$ISA/pam_unix.so
account     required      
/lib/security/$ISA/pam_tally.so reset
account     sufficient    
/lib/security/$ISA/pam_succeed_if.so uid 100 quiet
account     required      
/lib/security/$ISA/pam_permit.so

password    requisite     
/lib/security/$ISA/pam_cracklib.so try_first_pass retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password    sufficient    
/lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      
/lib/security/$ISA/pam_deny.so

session     required      
/lib/security/$ISA/pam_limits.so
session     required      
/lib/security/$ISA/pam_unix.so 

but still test in unsucessfull. i need the help of an expert urgently,

thanks

Last edited by yprudent; 10-04-2012 at 02:40 AM..
 

8 More Discussions You Might Find Interesting

1. Post Here to Contact Site Administrators and Moderators

user account

hi how to disable the useraccount in aix (should not remove). (1 Reply)
Discussion started by: chomca
1 Replies

2. UNIX for Dummies Questions & Answers

Difference between : Locked User Account & Disabled User Accounts in Linux ?

Thanks AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies

3. Red Hat

Account lockout policy

Hi all; I m using Red Hat Enterprise Linux Server release 5.1 (Tikanga) and I'm trying to setup password lockout policy so that a user account locks out after 3 failed attempts. Here are the entires of my /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes... (1 Reply)
Discussion started by: maverick_here
1 Replies

4. Solaris

how to assign group policy to user in solaris

hi, how to assign group policy to user in solaris (1 Reply)
Discussion started by: meet2muneer
1 Replies

5. Solaris

password policy for new user

hi folk, i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters. # useradd testing # passwd testing New... (7 Replies)
Discussion started by: dehetoxic
7 Replies

6. Ubuntu

User and Password Policy

Hi linux expert, i would like to create a script for listing all user with there password policy. It should be in the following format: Last password change : Sep 19, 2011 Password expires : never Password inactive : never Account... (2 Replies)
Discussion started by: yprudent
2 Replies

7. HP-UX

User account

I need to check actual date a user was disabled on my HP-UX server. Audit is claiming the user account was active during the last audit exercise. (7 Replies)
Discussion started by: cyriac_N
7 Replies

8. AIX

How to copy user policy from a server to another one?

Hi I would like to copy some user policy ( such as login time out , password expired time, number of failed login before user is locked, ... ) from one server to another server. I had copied necessary files ( in /etc and /etc/security ) to new server, but something didn't work. I guess that... (13 Replies)
Discussion started by: bobochacha29
13 Replies
All times are GMT -4. The time now is 12:30 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy