|
|
Sponsored Content
Operating Systems
AIX
failed login time limit
Post 302074617 by jyoung on Wednesday 24th of May 2006 01:59:18 PM
05-24-2006
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
How do I limit the amount of idle time an account gets on solaris?
Thanks.
VJ (2 Replies)
Discussion started by: vancouver_joe
2 Replies
2. Shell Programming and Scripting
Gud day :)
We have a limited user login so we want to restrict 1 login per user. We have added below script in each user's profile but it is not working :confused: , I displayed the output for COUNT (by inserting echo command) but the value is always 1. Hope you could help me.
Thanks ;) ... (3 Replies)
Discussion started by: lancemendioro
3 Replies
3. Solaris
hi, can someone tell me " how to reset failed login in solaris 8.0"
a user is not able to login and inspite of my changing password cannot.
I believe it must be because the user tried many attempts.
how do i reset the failed login for the user.
Thanks!
karthik (2 Replies)
Discussion started by: karthikosu
2 Replies
4. UNIX for Dummies Questions & Answers
Would appreciate some help, system was displaying an error regarding the kernal when a "sar" was run, after a reboot we get "WARNING user login limit exceeded by 1 user". We have plenty of licences. any ideas? (1 Reply)
Discussion started by: nchrocc
1 Replies
5. Solaris
Hi,
Would appreciate it if someone could shed me some light here as I'm yet to find any related information in this forum with regards to my problem.
Basically, I would like to display "Last Unsuccessful login" information when a user successfully logs-in to the system. I can't seem to find... (2 Replies)
Discussion started by: gilberteu
2 Replies
6. Red Hat
Hi All,
How can I limit a userid (/bin/false) to have access only to ftp service? On redhat ent 4.
Thanks! (1 Reply)
Discussion started by: itik
1 Replies
7. Solaris
Hi guys, Can you please help me.
I have SUN V100 server running solaris 8.
I also have a Redhat Linux 6.2 machine and a windows XP machine on the network.
I'm trying to copy files from the Linux and XP machines to the V100 server.
When I try to ftp to the solaris machine, I'm challenged... (2 Replies)
Discussion started by: Stin
2 Replies
8. Solaris
Dear Unix Team,
This is sudhansu once again. I need some tips on below issue.
Sometimes we got calls from customer that their console got hangged means they are not able to access the server through console ip.
in that case "resetsc -y" will resolve the issue.
2. But couple of days... (2 Replies)
Discussion started by: sudhansu
2 Replies
9. Solaris
Hi,
Can someone tell me the command to do this in solaris 5.10 please? I've trawled around the internet for ages but all I can find is the AIX command...
Thanks (2 Replies)
Discussion started by: Grueben
2 Replies
10. Shell Programming and Scripting
Hey
Am new to scripting in aix 5.3
I need to write a script to limit a user's logon prompt to an interactive menu based upon logon and nothing else.
Any ideas much appreciated.
:wall: (4 Replies)
Discussion started by: mills
4 Replies
LEARN ABOUT OPENSOLARIS
pam_unix_auth
pam_unix_auth(5) Standards, Environments, and Macros pam_unix_auth(5) NAME
pam_unix_auth - PAM authentication module for UNIX SYNOPSIS
pam_unix_auth.so.1 DESCRIPTION
The pam_unix_auth module implements pam_sm_authenticate(), which provides functionality to the PAM authentication stack. It provides func- tions that use crypt(3C) to verify that the password contained in the PAM item PAM_AUTHTOK is the correct password for the user specified in the item PAM_USER. If PAM_REPOSITORY is specified, then user's password is fetched from that repository. Otherwise, the default nss- witch.conf(4) repository is searched for that user. For accounts in the name services which support automatic account locking, the account may be configured to be automatically locked (see user_attr(4) and policy.conf(4)) after multiple failed login attempts. For accounts that are configured for automatic locking, if authen- tication failure is to be returned, the failed login counter is incremented upon each failure. If the number of successive failures equals or exceeds RETRIES as defined in login(1), the account is locked and PAM_MAXTRIES is returned. Currently, only the "files" repository (see passwd(4) and shadow(4)) supports automatic account locking. A successful authentication by this module clears the failed login counter and reports the number of failed attempts since the last successful authentication. Authentication service modules must implement both pam_sm_authenticate() and pam_sm_setcred(). To allow the authentication portion of UNIX authentication to be replaced, pam_sm_setcred() in this module always returns PAM_IGNORE. This module should be stacked with pam_unix_cred(5) to ensure a successful return from pam_setcred(3PAM). The following options can be passed to the module: nowarn Turn off warning messages. server_policy If the account authority for the user, as specified by PAM_USER, is a server, do not apply the UNIX policy from the passwd entry in the name service switch. nolock Regardless of the automatic account locking setting for the account, do not lock the account, increment or clear the failed login count. The nolock option allows for exempting account locking on a per service basis. ERRORS
The following error codes are returned from pam_sm_authenticate(): PAM_AUTH_ERR Authentication failure. PAM_BUF_ERR Memory buffer error. PAM_IGNORE Ignores module, not participating in result. PAM_MAXTRIES Maximum number of retries exceeded. PAM_PERM_DENIED Permission denied. PAM_SUCCESS Successfully obtains authentication token. PAM_SYSTEM_ERR System error. PAM_USER_UNKNOWN No account present for user. The following error codes are returned from pam_sm_setcred(): PAM_IGNORE Ignores this module regardless of the control flag. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability |Committed | +-----------------------------+-----------------------------+ |MT Level |MT-Safe with exceptions | +-----------------------------+-----------------------------+ SEE ALSO
login(1), passwd(1), useradd(1M), usermod(1M), roleadd(1M), rolemod(1M), crypt(3C), libpam(3LIB), pam(3PAM), pam_authenticate(3PAM), pam_setcred(3PAM), syslog(3C), pam.conf(4), passwd(4), policy.conf(4), nsswitch.conf(4), shadow(4), user_attr(4), attributes(5), pam_auth- tok_check(5), pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_session(5) NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each thread within the multi-threaded application uses its own PAM handle. The pam_unix(5) module is no longer supported. Similar functionality is provided by pam_authtok_check(5), pam_authtok_get(5), pam_auth- tok_store(5), pam_dhkeys(5), pam_passwd_auth(5),pam_setcred(3PAM), pam_unix_account(5), pam_unix_cred(5), pam_unix_session(5). If the PAM_REPOSITORY item_type is set and a service module does not recognize the type, the service module does not process any informa- tion, and returns PAM_IGNORE. If the PAM_REPOSITORY item_type is not set, a service module performs its default action. SunOS 5.11 23 Apr 2008 pam_unix_auth(5)