|
|
Sponsored Content
Operating Systems
Linux
Red Hat
Account lockout policy
Post 302427910 by ygemici on Tuesday 8th of June 2010 08:36:54 AM
06-08-2010
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am using AIx 4.3.3 and was wondering what the command was to keep users from logging in. I want to be able to do maintenance and keep the users out. Can anyone help? (7 Replies)
Discussion started by: cgillett
7 Replies
2. UNIX for Dummies Questions & Answers
Hi, I am extremely new to UNIX and was recently promoted to administer the system for a small company. Anyhow, the time came for passwords to change, and I made the huge mistake of entering in the command (as root)
passwd -l
After logging out (oblivious to what would happen next), the root... (4 Replies)
Discussion started by: newbieadmin
4 Replies
3. AIX
Hi,
We are using 4.3.3.0 and I would like to make a global change to the "number of failed logins before user account is locked"
Any ideas, other than using SMIT one user at a time.... ???
Thanks... Craig. (2 Replies)
Discussion started by: stumpy
2 Replies
4. AIX
I want to know if there is any easy way of stopping 1 user from using su? perferabily any su but I can make do with not allow him to su to root but allow other user to su to root. (3 Replies)
Discussion started by: daveisme
3 Replies
5. UNIX and Linux Applications
What is the best way to implement account lockout in openldap? I have an openldap server with Ubuntu desktop client connecting to it for authentication. I want he accounts to locked out after say 5 failed authentication attempts
I have enabled ppolicy layout in slapd.conf.
overlay ppolicy... (0 Replies)
Discussion started by: nitin09
0 Replies
6. Red Hat
On a redhat linux 4 server, how to find if there is an account lockout duration is set. Is it configured under pam or /etc/shadow? what entries I need to find out? Is it pam_time.so module?
I desperately need an answer because on one of the servers, no one was able to login through any account... (4 Replies)
Discussion started by: Tirmazi
4 Replies
7. Linux
Hi,
i have the following config in the system-auth files
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required ... (2 Replies)
Discussion started by: yprudent
2 Replies
8. Red Hat
having account lockout issues with an RHEL 5 server. My users are getting locked out for 10 minutes after one failed login attempt even though /etc/pam.d/sshd is configured for 5 failed attempts:
auth include system-auth
auth required pam_tally2.so deny=5 onerr=fail... (1 Reply)
Discussion started by: nerdalert
1 Replies
9. Solaris
Greetings,
I work with a Solaris Sun Server V240 system (GCCS) and have run into a problem where I can't seem to unlock my SECMAN account at the NON-GLOBAL level. I have access to all global accounts to include sysadmin and secman. I have access to the non-global sysadmin account and root... (4 Replies)
Discussion started by: TLAMGUY
4 Replies
10. Red Hat
Good day. I have setup hardening the password (test system so far) prior to doing any work on production. Here is what I have set.
Snippet from /etc/pam.d/system-auth
auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_tally.so... (3 Replies)
Discussion started by: smurphy_it
3 Replies
LEARN ABOUT CENTOS
lchage
lchage(1) General Commands Manual lchage(1) NAME
lchage - Display or change user password policy SYNOPSIS
lchage [OPTION]... user DESCRIPTION
Displays or allows changing password policy of user. OPTIONS
-d, --date=days Set the date of last password change to days after Jan 1 1970. Set days to -1 to disable password expiration (i.e. to ignore --mindays, and --maxdays and related settings). Set days to 0 to enforce password change on next login. (This also disables password expiration until the password is changed.) -E, --expire=days Set the account expiration date to days after Jan 1 1970. Set days to -1 to disable account expiration. -i, --interactive Ask all questions when connecting to the user database, even if default answers are set up in libuser configuration. -I, --inactive=days Disable the account after days after password expires (after the user is required to change the password). Set days to -1 to keep the account enabled indefinitely after password expiration. -l, --list Only list current user's policy and make no changes. -m, --mindays=days Require at least days days between password changes. Set days to 0 or -1 to disable this requirement. If this value is larger than the value set by --maxdays, the user cannot change the pasword. -M, --maxdays=days Require changing the password after days since last password change. Set days to -1 to disable password expiration. -W, --warndays=days Start warning the user days before password expires (before the user is required to change the password). Set days to 0 or -1 to disable the warning. EXIT STATUS
The exit status is 0 on success, nonzero on error. NOTES
Note that "account expiration" (set by --expire) is distinct from "password expiration" (set by --maxdays). Account expiration happens on a fixed date regardless of password changes. Password expiration is relative to the date of last password change. libuser Nov 8 2012 lchage(1)