Login or Register to Ask a Question and Join Our Community


HP-UX

Password compliance setting

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX Password compliance setting
# 1  
Old 05-19-2016
Password compliance setting
I need to set password compliance for some servers in my company.
However, the requirements are that we need to set different password policies for 3 different user groups within the company. These are :
  1. System Users: i.e root, etc
  2. Batch/Application Users: oracle, bscs, etc
  3. Standard User: emoyikje, vincentw, etc
Is it possible to get this done?
As far as I know there is only one global file for password compliance setting, which is /etc/default/security.

How do I create different policies for 3 different user groups?
Last edited by rbatte1; 05-19-2016 at 04:57 PM.. Reason: Changed text list into formatted list with LIST=1 tags
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Problems setting password.

Hi All, I have a problem setting the password when I have to create a user and password as detailed below. username : gaacj01 password : oshopp01 username : gaacj02 password : oshopp02 username : gaacj03 password : oshopp03 username : gaacj04 password : oshopp04 username : gaacj05 ... (17 Replies)
Discussion started by: kittigolf
17 Replies

2. SuSE

Setting password complexity

Hi, I am setting password complexity in SLES 11. I am able to do most of things pam-config -d --pwcheck pam-config -a --cracklib pam-config -a --cracklib-minlen=8 pam-config -a --cracklib-dcredit=-1 pam-config -a --cracklib-ocredit=-1 pam-config -a --pwhistory pam-config -a... (1 Reply)
Discussion started by: solaris_1977
1 Replies

3. Solaris

default password setting

Can anyone kindly explain to me the meaning of the default values of the code below please? Thank you very much #MINDIFF=3 #MINALPHA=2 #MINNONALPHA=1 #MINUPPER=0 #MINLOWER=0 #MAXREPEATS=0 #MINSPECIAL=0 #MINDIGIT=0 #WHITESPACE=YES (1 Reply)
Discussion started by: cjashu
1 Replies

4. AIX

Setting up Password Security in AIX 5.3

In AIX 5.3 tech level 11: I want to setup a default password policy to have at least one of each of the following: alpha character, numeric character, and "special" character ("!", "&", etc). The smitty Security and Users --> Passwords --> System Password Policy screen only offers "MIN... (2 Replies)
Discussion started by: kikwit_phil
2 Replies

5. UNIX for Advanced & Expert Users

setting password in ldap

Hi, I have installed open ldap according to the order from this video: YouTube - bowendenning's Channel sudo apt-get install slapd sudo apt-get install ldap-utils sudo apt-get install phpldapadmin The installaion was good. However it did NOT ask from me any password. After I enter to... (0 Replies)
Discussion started by: programAngel
0 Replies

6. Solaris

Password Setting

Hi: Could I set the: - Login Time-out Interval - Password History Count - Lockout Duration - Lockout Threshold for user account in Sun Solaris 5.8. Thanks for your help (6 Replies)
Discussion started by: mlsun
6 Replies

7. UNIX for Advanced & Expert Users

setting password for user using useradd?

hi all i am writing a script to create user and group from the input given to script for eg. script needs to values 1. mode - 1 or 2 2. id - if mode is 1 then id should be 2 char like x1 / v1 / v2 if mode is 2 then id should be 1 char like x / v / e from these to values group is... (1 Reply)
Discussion started by: zedex
1 Replies

8. UNIX for Advanced & Expert Users

setting username and password for ftp

hi, i have set up an FTP server in one of our systems. could some one tell me the procedure to set up the username and password for it to enable other users to access the server. thanks (1 Reply)
Discussion started by: div
1 Replies

9. UNIX for Dummies Questions & Answers

Setting password restrictions for all users

I would like to change the password requirements for all our AIX 5.2 logins but am having trouble finding a place where I can set the rules for everyone at the same time. I know I can go user by user in smit passwords but is there a way to create rules for everyone at the same time? Thanks,... (2 Replies)
Discussion started by: drathbone
2 Replies

10. UNIX for Dummies Questions & Answers

Help in setting up password without Interaction.

Can anybody tell me how can I create an account without having to enter the password after editing the vipw file. I mean the system should automatically take care of the password encryption in the shadow file and I don't to enter the password again and the Account should be ready to go. ... (3 Replies)
Discussion started by: syedifti
3 Replies
Login or Register to Ask a Question

LEARN ABOUT MOJAVE

dsconfigldap

dsconfigldap(1) 					    BSD General Commands Manual 					   dsconfigldap(1)

NAME

     dsconfigldap -- LDAP server configuration/binding add/remove tool.

SYNOPSIS

     dsconfigldap [-fvixsgmeSN] -a servername [-n configname] [-c computerid] [-u username] [-p password] [-l username] [-q password]

     dsconfigldap [-fviSN] -r servername [-u username] [-p password] [-l username] [-q password]

		  options:
			-f	       force authenticated binding/unbinding
			-v	       verbose logging to stdout
			-i	       prompt for passwords as required
			-x	       choose SSL connection
			-s	       enforce secure authentication only
			-g	       enforce packet signing security policy
			-m	       enforce man-in-middle security policy
			-e	       enforce encryption security policy
			-S	       do not update search policies
			-N	       do not prompt about adding certificates
			-h	       display usage statement
			-a servername  add config of servername
			-r servername  remove config of servername
			-n configname  name given to LDAP server config
			-c computerid  name used if binding to directory
			-u username    privileged network username
			-p password    privileged network user password
			-l username    local admin username
			-q password    local admin password

DESCRIPTION

     dsconfigldap allows addition or removal of LDAP server configurations. Presented below is a discussion of possible parameters. Usage has
     three intents: add server config, remove server config, or display help.

     Options list and their descriptions:

     -f       Bindings will be established or dropped in conjunction with the addition or removal of the LDAP server configuration.

     -v       This enables the logging to stdout of the details of the operations. This can be redirected to a file.

     -i       You will be prompted for a password to use in conjunction with a specified username.

     -s       This ensures that no clear text passwords will be sent to the LDAP server during authentication.	This will only be enabled if the
	      server supports non-cleartext methods.

     -e       This ensures that if the server is capable of supporting encryption methods (i.e., SSL or Kerberos) that encryption will be enforced
	      at all times via policy.

     -m       This ensures that man-in-the-middle capabilities will be enforced via Kerberos, if the server supports the capability.

     -g       This ensures that packet signing capabilities will be enforced via Kerberos, if the server supports the capability.

     -x       Connection to the LDAP server will only be made over SSL.

     -S       Will skip updating the search policies.

     -N       Will assume Yes for installing certificates

     -h       Display usage statement.

     -a servername
	      This is either the fully qualified domain name or correct IP address of the LDAP server to be added to the DirectoryService LDAPv3
	      configuration.

     -r servername
	      This is either the fully qualified domain name or correct IP address of the LDAP server to be removed from the DirectoryService
	      LDAPv3 configuration.

     -n configname
	      This is the UI configuration label that is to be given the LDAP server configuration.

     -c computerid
	      This is the name to be used for directory binding to the LDAP server. If none is given the first substring, before a period, of the
	      hostname (the defined environment variable "HOST") is used.

     -u username
	      Username of a privileged network user to be used in authenticated directory binding.

     -p password
	      Password for the privileged network user.  This is a less secure method of providing a password, as it may be viewed via process
	      list.  For stronger security leave the option off and you will be prompted for a password.

     -l username
	      Username of a local administrator.

     -q password
	      Password for the local administrator.  This is a less secure method of providing a password, as it may be viewed via process list.
	      For stronger security leave the option off and you will be prompted for a password.

EXAMPLES

     dsconfigldap -a ldap.company.com

     The LDAP server config for the LDAP server myldap.company.com will be added. If authenticated directory binding is required by the LDAP
     server, then this call will fail. Otherwise, the following parameters configname, computerid, and local admin name will respectively pick up
     these defaults: ip address of the LDAP servername, substring up to first period of fully qualified hostname, and username of the user in the
     shell this tool was invoked.

     dsconfigldap -r ldap.company.com

     The LDAP server config for the LDAP server myldap.company.com will be removed but not unbound since no network user credentials were sup-
     plied.  The local admin name will be the username of the user in the shell this tool was invoked.

SEE ALSO

     opendirectoryd(8), odutil(1)

Mac OS								   April 24 2010							    Mac OS