Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: PAM settings.
Operating Systems Solaris PAM settings. Post 302309899 by Hari_Ganesh on Thursday 23rd of April 2009 07:43:37 AM
Old 04-23-2009
[1]d08083: cat /etc/default/login
#ident "@(#)login.dfl 1.10 99/08/04 SMI" /* SVr4.0 1.1.1.1 */
# Set the TZ environment variable of the shell.
#
#TIMEZONE=EST5EDT
# ULIMIT sets the file size limit for the login. Units are disk blocks.
# The default of zero means no limit.
#
#ULIMIT=0
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console
# PASSREQ determines if login requires a password.
#
PASSREQ=YES
# ALTSHELL determines if the SHELL environment variable should be set
#
ALTSHELL=YES
# PATH sets the initial shell PATH variable
#
#PATH=/usr/bin:
# SUPATH sets the initial shell PATH variable for root
#
#SUPATH=/usr/sbin:/usr/bin
# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
# abandoning a login session.
#
#TIMEOUT=300
# UMASK sets the initial shell file creation mode mask. See umask(1).
#
UMASK=022
# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
# to log all root logins at level LOG_NOTICE and multiple failed login
# attempts at LOG_CRIT.
#
SYSLOG=YES
# SLEEPTIME controls the number of seconds that the command should
# wait before printing the "login incorrect" message when a
# bad password is provided. The range is limited from
# 0 to 5 seconds.
#
#SLEEPTIME=4
# RETRIES determines the number of failed logins that will be
# allowed before login exits.
#
RETRIES=3
#
# The SYSLOG_FAILED_LOGINS variable is used to determine how many failed
# login attempts will be allowed by the system before a failed login
# message is logged, using the syslog(3) LOG_NOTICE facility. For example,
# if the variable is set to 0, login will log -all- failed login attempts.
#
SYSLOG_FAILED_LOGINS=0
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

PAM Vs Trusted mode in HP-UX

Hi All, Some questions on PAM (Pluggable Authentication Modulues) and Trusted mode in HP-UX. As default, when I turn on trusted mode (need shadow password only), the PAM is atomatically installed(not sure the word "installed" is appropriate or not). Can we turn on the trusted mode only,... (0 Replies)
Discussion started by: wilsonchan1000
0 Replies

2. Programming

PAM Authentication Sample

Hi, I am a Linux / Unix newbie c programmer. I have a c/c++ daemon server that will receive authentication (userid / password) from a windows client. All I want to do is authenticate the user via PAM API - i.e. user must exist on the Unix / Linux system + password must be validated. ... (1 Reply)
Discussion started by: vineshp
1 Replies

3. AIX

PAM in aix 5.2

After enabling PAm , passwd command does not work properly error in passwd # passwd pamuser Changing password for "pamuser" pamuser's New password: Enter the new password again: 3004-709 Error changing password for "pamuser". ... (0 Replies)
Discussion started by: ayeshaseerin
0 Replies

4. UNIX for Advanced & Expert Users

Pam configuration

I have suse (SLES 9) machine,I would like to know how to creat a PAM configure file for ldap authentication and loading it using a "config" argument to pam_ldap.so Thanks for your help (0 Replies)
Discussion started by: hassan1
0 Replies

5. AIX

PAM and aix

Does any one know how to get aix 5.3 pam working .. Is there any pathc to make it work (0 Replies)
Discussion started by: ayeshaseerin
0 Replies

6. UNIX for Dummies Questions & Answers

reread pam configuration

Hi. i am on solaris. I have changed pam configuration. Do i need to let pam re-read its configuration again? If so, how can i do it? ps -ef | grep -i pam, returns no hits. Rgds (0 Replies)
Discussion started by: yls177
0 Replies

7. UNIX for Advanced & Expert Users

PAM authentication.

I have applied pam authentication for local users as highlighted in below file. # cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so... (0 Replies)
Discussion started by: pinga123
0 Replies

8. Ubuntu

PAM, set_rlimits

I have installed a real time kernel on ubuntu, Now, I don't know how to run in real time mode. I tried to execute commands and like emerge, PAM and alike but none were found. Then I installed set_rlimits package, it is installed. I need a real time server, but in the tutorial it tries to run PAM... (2 Replies)
Discussion started by: dr_mabuse
2 Replies

9. SuSE

PAM password change failed, pam error 20

Hi, I use a software which can create account on many system or application. One of resource which is managed by this soft his a server SUSE Linux Enterprise Server 10 (x86_64). patch level 3. This application which is an IBM application use ssh to launch command to create account in... (3 Replies)
Discussion started by: scabarrus
3 Replies

10. SuSE

Authentication with PAM

Hello all, I recently updated PAM policy files (pam_authz.policy) on HP-UX Servers with AD groups involving allowing and denying the certain groups.. Could anyone tell me what is the equivalent mechanism in SLES(Linux)? Is it possible to allow/deny AD group access with the SLES LDAP... (0 Replies)
Discussion started by: lcclaj0
0 Replies

LEARN ABOUT XFREE86

pam_ldap

pam_ldap(8)						      System Manager's Manual						       pam_ldap(8)

NAME

       pam_ldap - PAM module for LDAP-based authentication

SYNOPSIS

       pam_ldap.so [...]

DESCRIPTION

       This is a PAM module that uses an LDAP server to verify user access rights and credentials.

OPTIONS

       use_first_pass
	      Specifies that the PAM module should use the first password provided in the authentication stack and not prompt the user for a pass-
	      word.

       try_first_pass
	      Specifies that the PAM module should use the first password provided in the authentication stack and if that fails prompt  the  user
	      for a password.

       nullok Specifying this option allows users to log in with a blank password.  Normally logins without a password are denied.

       ignore_unknown_user
	      Specifies  that  the  PAM module should return PAM_IGNORE for users that are not present in the LDAP directory.  This causes the PAM
	      framework to ignore this module.

       ignore_authinfo_unavail
	      Specifies that the PAM module should return PAM_IGNORE if it cannot contact the LDAP server.  This causes the PAM framework  to  ig-
	      nore this module.

       no_warn
	      Specifies that warning messages should not be propagated to the PAM application.

       use_authtok
	      This  causes the PAM module to use the earlier provided password when changing the password. The module will not prompt the user for
	      a new password (it is analogous to use_first_pass).

       debug  This option causes the PAM module to log debugging information to syslog(3).

       minimum_uid=UID
	      This option causes the PAM module to ignore the user if the user id is lower than the specified value. This can be  used	to  bypass
	      LDAP checks for system users (e.g. by setting it to 1000).

MODULE SERVICES PROVIDED

       All services are provided by this module but currently sessions changes are not implemented in the nslcd daemon.

FILES

       /etc/pam.conf
	      the main PAM configuration file

       /etc/nslcd.conf
	      The configuration file for the nslcd daemon (see nslcd.conf(5))

SEE ALSO

       pam.conf(5), nslcd(8), nslcd.conf(5)

AUTHOR

       This manual was written by Arthur de Jong <arthur@arthurdejong.org>.

Version 0.8.10							     Jun 2012							       pam_ldap(8)
All times are GMT -4. The time now is 07:08 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy