10-21-2010
Hi,
Thanks for the response, I tried both options but no luck, after editing pam files do i need to start any services.
If i go for third option what I need to do after installing.
Thanks,
trimurtulu
10 More Discussions You Might Find Interesting
1. UNIX and Linux Applications
Hi all of you..............
I am using openldap on ubuntu server . i want to apply password policy for user's to set password length , expire date , ......etc.
can anybody guide me to configure this. (1 Reply)
Discussion started by: jagnikam
1 Replies
2. Solaris
Hi Solaris's expert
I need to change user password on Solaris10 2 servers.
With the same password I can change it just only one.
Try to check everything but not found difference??
password pattern: abcdeFgh9Jk
server1 check all characters but server2 check only first 8 characters.Why??... (10 Replies)
Discussion started by: arm_naja
10 Replies
3. Red Hat
Today i was going through some of security guides written on linux .
Under shadow file security following points were mentioned.
1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.
2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
Discussion started by: pinga123
14 Replies
4. Solaris
hi folk,
i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters.
# useradd testing
# passwd testing
New... (7 Replies)
Discussion started by: dehetoxic
7 Replies
5. Ubuntu
Hi linux expert,
i would like to create a script for listing all user with there password policy. It should be in the following format:
Last password change : Sep 19, 2011
Password expires : never
Password inactive : never
Account... (2 Replies)
Discussion started by: yprudent
2 Replies
6. Red Hat
Hi Experts,
i would like to know the description of the following:
Minimum: 0
Maximum: 90
Warning: 7
Inactive: -1
Last Change: Never
Password Expires: Never
Password Inactive: Never
Account Expires: Never
Does this means that... (2 Replies)
Discussion started by: yprudent
2 Replies
7. Solaris
Hello All,
I have Sun DSEE7 (11g) on Solaris 10.
I have run idsconfig and initialized ldap client with profile created using idsconfig.
My ldap authentication works. Here is my pam.conf
# Authentication management
#
# login service (explicit because of pam_dial_auth)
#
login ... (3 Replies)
Discussion started by: pandu345
3 Replies
8. Ubuntu
Hello Team,
I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password.
Using PAM we can do it,... (1 Reply)
Discussion started by: paragnehete
1 Replies
9. AIX
I need help. I have set a password policy. But I want to dis allow setting user name as password.
My policy is as below...
min length =8
min diff=2
min alpha=2
max repeats=2
dictionary= /usr/share/dict/words
Still user can set his username as password (i.e. Jackie1234).
Code tags for... (11 Replies)
Discussion started by: powerAIX
11 Replies
10. Red Hat
Hi,
I am unable to enforce password complexity policy for root user. (other users are working) on RHEL 6.2. Anything wrong with system-auth parameters? PLease help..
vi /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time... (1 Reply)
Discussion started by: suresh3566
1 Replies
LEARN ABOUT LINUX
pam-auth-update
PAM-AUTH-UPDATE(8) System Manager's Manual PAM-AUTH-UPDATE(8)
NAME
pam-auth-update - manage PAM configuration using packaged profiles
SYNOPSIS
pam-auth-update [--package [--remove profile [profile...]]] [--force]
DESCRIPTION
pam-auth-update is a utility that permits configuring the central authentication policy for the system using pre-defined profiles as sup-
plied by PAM module packages. Profiles shipped in the /usr/share/pam-configs/ directory specify the modules, with options, to enable; the
preferred ordering with respect to other profiles; and whether a profile should be enabled by default. Packages providing PAM modules reg-
ister their profiles at install time by calling pam-auth-update --package. Selection of profiles is done using the standard debconf inter-
face. The profile selection question will be asked at `medium' priority when packages are added or removed, so no user interaction is
required by default. Users may invoke pam-auth-update directly to change their authentication configuration.
The script makes every effort to respect local changes to /etc/pam.d/common-*. Local modifications to the list of module options will be
preserved, and additions of modules within the managed portion of the stack will cause pam-auth-update to treat the config files as locally
modified and not make further changes to the config files unless given the --force option.
If the user specifies that pam-auth-update should override local configuration changes, the locally-modified files will be saved in
/etc/pam.d/ with a suffix of .pam-old.
OPTIONS
--package
Indicate that the caller is a package maintainer script; lowers the priority of debconf questions to `medium' so that the user is
not prompted by default.
--remove profile [profile...]
Remove the specified profiles from the system configuration. pam-auth-update --remove should be used to remove profiles from the
configuration before the modules they reference are removed from disk, to ensure that PAM is in a consistent and usable state at all
times during package upgrades or removals.
--force
Overwrite the current PAM configuration, without prompting. This option must not be used by package maintainer scripts; it is
intended for use by administrators only.
FILES
/etc/pam.d/common-*
Global configuration of PAM, affecting all installed services.
/usr/share/pam-configs/
Package-supplied authentication profiles.
AUTHOR
Steve Langasek <steve.langasek@canonical.com>
COPYRIGHT
Copyright (C) 2008 Canonical Ltd.
SEE ALSO
PAM(7), pam.d(5), debconf(7)
Debian 08/23/2008 PAM-AUTH-UPDATE(8)