Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: NIS password policy
Operating Systems Linux Red Hat NIS password policy Post 302464910 by ygemici on Thursday 21st of October 2010 09:29:59 AM
Old 10-21-2010
** If you have /lib/security/pam_pwdb.so
append below to your /etc/pwdb.conf in client
Code:
user:
    unix+shadow
    nis+unix+shadow
group:
    unix+shadow
    nis+unix+shadow

change like below to /etc/nsswitch.conf
Code:
passwd:     files nis
shadow:     files nis
group:      files nis

append like below to /etc/pam.d/passwd
Code:
auth  required  /lib/security/pam_pwdb.so shadow  
account  required  /lib/security/pam_pwdb.so  
password  required  /lib/security/pam_cracklib.so retry=3  
password  required  /lib/security/pam_pwdb.so use_authtok md5 shadow


** if you have not pam_pwdb.so then append like below to /etc/pam.d/passwd
Code:
password required pam_unix.so obscure min=8 max=15 md5 nis
password required pam_cracklib.so retry=3 retry=3 minlen=12 dcredit=2 ucredit=2 lcredit=1 difok=3
password sufficient pam_unix.so obscure min=4 max=8 md5 nis use_authtok
password required pam_unix.so obscure min=4 max=8 md5 use_first_pass

** if you dont success for these methods then u can try this module for nis
PAM NIS authorisation module

good lucks
regards ygemici
Last edited by ygemici; 10-21-2010 at 11:19 AM..
 

10 More Discussions You Might Find Interesting

1. UNIX and Linux Applications

Need openLDAP + Password policy guide

Hi all of you.............. I am using openldap on ubuntu server . i want to apply password policy for user's to set password length , expire date , ......etc. can anybody guide me to configure this. (1 Reply)
Discussion started by: jagnikam
1 Replies

2. Solaris

Password policy problem ??

Hi Solaris's expert I need to change user password on Solaris10 2 servers. With the same password I can change it just only one. Try to check everything but not found difference?? password pattern: abcdeFgh9Jk server1 check all characters but server2 check only first 8 characters.Why??... (10 Replies)
Discussion started by: arm_naja
10 Replies

3. Red Hat

Shadow file password policy

Today i was going through some of security guides written on linux . Under shadow file security following points were mentioned. 1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters. 2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
Discussion started by: pinga123
14 Replies

4. Solaris

password policy for new user

hi folk, i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters. # useradd testing # passwd testing New... (7 Replies)
Discussion started by: dehetoxic
7 Replies

5. Ubuntu

User and Password Policy

Hi linux expert, i would like to create a script for listing all user with there password policy. It should be in the following format: Last password change : Sep 19, 2011 Password expires : never Password inactive : never Account... (2 Replies)
Discussion started by: yprudent
2 Replies

6. Red Hat

Password Policy description

Hi Experts, i would like to know the description of the following: Minimum: 0 Maximum: 90 Warning: 7 Inactive: -1 Last Change: Never Password Expires: Never Password Inactive: Never Account Expires: Never Does this means that... (2 Replies)
Discussion started by: yprudent
2 Replies

7. Solaris

Solaris and PAM Password policy

Hello All, I have Sun DSEE7 (11g) on Solaris 10. I have run idsconfig and initialized ldap client with profile created using idsconfig. My ldap authentication works. Here is my pam.conf # Authentication management # # login service (explicit because of pam_dial_auth) # login ... (3 Replies)
Discussion started by: pandu345
3 Replies

8. Ubuntu

Password Expiration Policy

Hello Team, I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password. Using PAM we can do it,... (1 Reply)
Discussion started by: paragnehete
1 Replies

9. AIX

Password Policy

I need help. I have set a password policy. But I want to dis allow setting user name as password. My policy is as below... min length =8 min diff=2 min alpha=2 max repeats=2 dictionary= /usr/share/dict/words Still user can set his username as password (i.e. Jackie1234). Code tags for... (11 Replies)
Discussion started by: powerAIX
11 Replies

10. Red Hat

Password policy for root

Hi, I am unable to enforce password complexity policy for root user. (other users are working) on RHEL 6.2. Anything wrong with system-auth parameters? PLease help.. vi /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time... (1 Reply)
Discussion started by: suresh3566
1 Replies

LEARN ABOUT OSF1

yppasswdd

yppasswdd(8)						      System Manager's Manual						      yppasswdd(8)

NAME

       yppasswdd, rpc.yppasswdd - server daemon for modifying the Network Information Service (NIS) password file

SYNOPSIS

       /usr/sbin/rpc.yppasswdd file [-m arg1 arg2...]

DESCRIPTION

       The yppasswdd daemon is a server that handles password change requests from yppasswd(1). It changes a password entry in the specified file,
       which is assumed to be in the same format described in passwd(4).  An entry in file will be changed  only  if  the  password  presented	by
       yppasswd(1) matches the encrypted password of that entry.

       If  the -m option is given, then after file is modified, a make(1) will be performed in /var/yp. Any arguments following the option will be
       passed to make. The -m option should be set only at a NIS master server machine.

       This server is not run by default, nor can it be started up from inetd(8).  If it is desired to enable remote  password	updating  for  the
       NIS, then an entry for yppasswdd should be put in the /sbin/init.d/nis file of the host serving as the master for the NIS passwd file.

SECURITY NOTE

       When enhanced security is installed and NIS is used to distribute the protected password authentication database, the yppasswdd daemon man-
       ages writes to that database.  A strict C2 security     policy, which is optionally configurable using  enhanced  security,  requires  each
       user  login or login failure to be recorded in the protected password authentication database.  These updates, in combination with password
       changes and system administration functions affecting user accounts, are coordinated by the daemon.

EXAMPLES

       If the NIS password file is stored as /var/yp/src/passwd, then to have password	changes  propagated  immediately,  the	server	should	be
       invoked as: /usr/sbin/rpc.yppasswdd /var/yp/src/passwd -m passwd DIR= /var/yp/src

FILES

SEE ALSO

       Commands: yppasswd(1), ypmake(8)

       Files: passwd(4), ypfiles(4)

																      yppasswdd(8)
All times are GMT -4. The time now is 05:11 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy