|
|
Sponsored Content
Operating Systems
Solaris
Solaris Automatic Account Unlock
Post 303000738 by os2mac on Tuesday 18th of July 2017 05:54:32 PM
07-18-2017
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I am currently working in a security project and I was wondering wether you can help me out. I need to find a way to secure scripts and files in Solaris 10 so they do not contain embedded clear text passwords.
The following is an example of a command that could be issued to determine if... (1 Reply)
Discussion started by: nircob
1 Replies
2. Solaris
I only able to lock user ID with passwd -l username
It seems there is no option for me to unlock ID in solaris?
Is there any command as below?
passwd -u username
Appreciate someome can share with me the way to do it. (1 Reply)
Discussion started by: dwarf007
1 Replies
3. UNIX for Dummies Questions & Answers
Hi I am working in Solaris 10 and I want to monitor logs for every telnet/ssh session that tries to connect to the server. I need these logs to be generated in a file that I can fetch using ftp.
I am a new user and a stepwise detail will be great
BR
saGGee (3 Replies)
Discussion started by: saggee
3 Replies
4. UNIX for Advanced & Expert Users
Hi,
I need to deactivate a user account for some time and then reactivate the user account ...
Can anybody please help me how to do this.....
I don't have root privileges but i have sudo to privileges.
Thanks....
Thread closed. Double post. Continued here. (0 Replies)
Discussion started by: firestar
0 Replies
5. Solaris
Hi,
I need to deactivate a user account for some time and then reactivate the user account ...
Can anybody please help me how to do this.....
I don't have root privileges but i have sudo to privileges.
Thanks.... (3 Replies)
Discussion started by: firestar
3 Replies
6. Solaris
Hi
I need to create a new user account in salaries. Can anyone tell me the cmd to create the new user acc. But the main thing is it should same permissions ,same group etc of already existing group.
For example we have already one user in name “comp” so the newly created user should also have... (3 Replies)
Discussion started by: kkalyan
3 Replies
7. Solaris
Is there an automatic method for adding drivers to Solaris 10? I know there is add_drv, (0 Replies)
Discussion started by: trinityforce
0 Replies
8. UNIX for Advanced & Expert Users
Hi - Please help me to understand the Veritas Cluster fail-over capability.
We configured oracle database file system on veritas cluster file system and it is automatically failing-over from node 1 to node 2.
Does Veritas cluster softward have any option to fail-back from node 2 to node 1... (6 Replies)
Discussion started by: Mansoor8810
6 Replies
9. Shell Programming and Scripting
Dear Experts ,
I want to stop and Start tomcat at the time of shutdown and startup of our server . I was trying to stop tomcat with following command
# su - dm -c "/export/home/Finder/FinderWeb/jakarta-tomcat-3.3.1a/bin/shutdown.sh"
but i am getting following error. Please suggest .... (1 Reply)
Discussion started by: Amit.saini333
1 Replies
10. Red Hat
Hi
We have these specific requirements for a bunch of servers we have and cannot seem to get pam to behave in this way. We would like:
PAM locks accounts if pam tally reaches 10.
PAM unlocks the account after 30mins from locking it, and resets the pam_tally.
The key is that we don't... (0 Replies)
Discussion started by: snoop2048
0 Replies
LEARN ABOUT HPUX
pamkrbval
pamkrbval(1m) pamkrbval(1m) NAME
- validates the PAM Kerberos configuration. SYNOPSIS
{ pa32 | pa64 | ia32 | ia64 } [ verbose ] [ CIFS ] DESCRIPTION
verifies the PAM Kerberos related configuration files, and It also checks if the default realm KDC is running. This tool will help the administrator diagnose the problem. performs the following validations: Checks whether the control_flags and the module_types specified for the PAM Kerberos specific entries in the /etc/pam.conf file are valid. Checks whether the PAM Kerberos specific module_paths that are specified in exist. If the module_path name is not absolute it is assumed to be relative to The (i.e Instruction Set Architecture) token is replaced by this tool with for IA 32-bit option( ), or with for IA 64-bit option( ), or with null for PA 32-bit option( ), or with for PA 64-bit option( ). Checks whether the options specified for pam_krb5 library are valid PAM Kerberos options. Validates /etc/pam_user.conf file only if libpam_updbe is configured in /etc/pam.conf file. This validation will be similar to the /etc/pam.conf validation. Validates the syntax of the Kerberos configuration file, /etc/krb5.conf. Validates if the default realm KDC is issuing tickets. Atleast one KDC must reply to the ticket requests for the default realm. Validates the host service principal, in the file, if this file exists. If the keytab entry for this host service principal does not exist in the default keytab file, checks for the host service principal in the KDC. If the host service principal does not exist in the KDC, then ignores the validation and assumes success. If finds the host service principal in the KDC, issues the following warn- ing message: found on KDC but not found in keytab file. NOTE An entry in /etc/pam.conf file is considered to be PAM Kerberos entry if the file name in the module_path begins with An example of a PAM Kerberos entry in /etc/pam.conf is as shown: The machine is considered to be configured with libpam_updbe if the file name in the module_path of an entry in /etc/pam.conf begins with An example of a pam_updbe entry in /etc/pam.conf is as shown: LOGGING logs all messages to stdout. The log categories provided are: These messages are logged when verbose option is set. These messages are logged to notify the user about the erroneous lines in pam configuration files or to notify about the skipping of /etc/pam_user.conf file validation. These messages are logged when any of the above mentioned validation fails. These messages are logged to notify the user about a potentially erroneous configuration on the system that may result in validation failure. These messages are logged when any of the above mentioned validation succeeds. These messages are logged when validation of /etc/krb5.keytab is ignored. These messages are logged to inform the user about the exact problem in the pam configuration files. These messages will give some minimal help to the user to rectify the problem. If there are any or or messages then there is some problem in the appropriate section. The administrator should diagnose the prob- lem. OPTIONS
verbose output { pa32 | pa64 | ia32 | ia64 } Depending on the architecture on which the validation need to be done this option needs to be set. The flags available are as listed below: for PA 32-bit architecture for PA 64-bit architecture for IA 32-bit architecture for IA 64-bit architecture Depending on this flag, in the module_path will be expanded as explained in the Description section of this manpage. Use this option if is configured on the system to enable validation of the keytab entry for Do not use this option if is not configured on the system. RETURN VALUE
returns the following exit codes: Successful configuration validation. Warnings were found during configuration validation. Errors were detected during configuration validation. FILES the kerberos client configuration file the pam configuration file The pam user configuration file The default location for the local host's keytab file AUTHOR
was developed by HP. SEE ALSO
krb5.conf(4), pam(3), pam_krb5(5), pam.conf(4), pam_updbe(5), pam_user.conf(4) pamkrbval(1m)