08-01-2017
Pretty sure it is similar to LInux for this, in pam you have "unlock_time=900".
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I am currently working in a security project and I was wondering wether you can help me out. I need to find a way to secure scripts and files in Solaris 10 so they do not contain embedded clear text passwords.
The following is an example of a command that could be issued to determine if... (1 Reply)
Discussion started by: nircob
1 Replies
2. Solaris
I only able to lock user ID with passwd -l username
It seems there is no option for me to unlock ID in solaris?
Is there any command as below?
passwd -u username
Appreciate someome can share with me the way to do it. (1 Reply)
Discussion started by: dwarf007
1 Replies
3. UNIX for Dummies Questions & Answers
Hi I am working in Solaris 10 and I want to monitor logs for every telnet/ssh session that tries to connect to the server. I need these logs to be generated in a file that I can fetch using ftp.
I am a new user and a stepwise detail will be great
BR
saGGee (3 Replies)
Discussion started by: saggee
3 Replies
4. UNIX for Advanced & Expert Users
Hi,
I need to deactivate a user account for some time and then reactivate the user account ...
Can anybody please help me how to do this.....
I don't have root privileges but i have sudo to privileges.
Thanks....
Thread closed. Double post. Continued here. (0 Replies)
Discussion started by: firestar
0 Replies
5. Solaris
Hi,
I need to deactivate a user account for some time and then reactivate the user account ...
Can anybody please help me how to do this.....
I don't have root privileges but i have sudo to privileges.
Thanks.... (3 Replies)
Discussion started by: firestar
3 Replies
6. Solaris
Hi
I need to create a new user account in salaries. Can anyone tell me the cmd to create the new user acc. But the main thing is it should same permissions ,same group etc of already existing group.
For example we have already one user in name “comp” so the newly created user should also have... (3 Replies)
Discussion started by: kkalyan
3 Replies
7. Solaris
Is there an automatic method for adding drivers to Solaris 10? I know there is add_drv, (0 Replies)
Discussion started by: trinityforce
0 Replies
8. UNIX for Advanced & Expert Users
Hi - Please help me to understand the Veritas Cluster fail-over capability.
We configured oracle database file system on veritas cluster file system and it is automatically failing-over from node 1 to node 2.
Does Veritas cluster softward have any option to fail-back from node 2 to node 1... (6 Replies)
Discussion started by: Mansoor8810
6 Replies
9. Shell Programming and Scripting
Dear Experts ,
I want to stop and Start tomcat at the time of shutdown and startup of our server . I was trying to stop tomcat with following command
# su - dm -c "/export/home/Finder/FinderWeb/jakarta-tomcat-3.3.1a/bin/shutdown.sh"
but i am getting following error. Please suggest .... (1 Reply)
Discussion started by: Amit.saini333
1 Replies
10. Red Hat
Hi
We have these specific requirements for a bunch of servers we have and cannot seem to get pam to behave in this way. We would like:
PAM locks accounts if pam tally reaches 10.
PAM unlocks the account after 30mins from locking it, and resets the pam_tally.
The key is that we don't... (0 Replies)
Discussion started by: snoop2048
0 Replies
LEARN ABOUT CENTOS
postlogin-ac
SYSTEM-AUTH-AC(5) File Formats Manual SYSTEM-AUTH-AC(5)
NAME
system-auth-ac, password-auth-ac, smartcard-auth-ac, fingerprint-auth-ac, postlogin-ac - Common configuration files for PAMified services
written by authconfig(8)
SYNOPSIS
/etc/pam.d/system-auth-ac
DESCRIPTION
The purpose of this configuration file is to provide common configuration file for all applications and service daemons calling PAM
library.
The system-auth configuration file is included from all individual service configuration files with the help of the include directive. When
authconfig(8) writes the system PAM configuration file it replaces the default system-auth file with a symlink pointing to system-auth-ac
and writes the configuration to this file. The symlink is not changed on subsequent configuration changes even if it points elsewhere. This
allows system administrators to override the configuration written by authconfig.
The authconfig now writes the authentication modules also into additional PAM configuration files /etc/pam.d/password-auth-ac,
/etc/pam.d/smartcard-auth-ac, and /etc/pam.d/fingerprint-auth-ac. These configuration files contain only modules which perform authentica-
tion with the respective kinds of authentication tokens. For example /etc/pam.d/smartcard-auth[-ac] will not contain pam_unix and pam_ldap
modules and /etc/pam.d/password-auth[-ac] will not contain pam_pkcs11 and pam_fprintd modules.
The file /etc/pam.d/postlogin-ac contains common services to be invoked after login. An example can be a module that encrypts an user's
filesystem or user's keyring and is decrypted by his password.
The PAM configuration files of services which are accessed by remote connections such as sshd or ftpd now include the /etc/pam.d/password-
auth configuration file instead of /etc/pam.d/system-auth.
EXAMPLE
Configure system to use pam_tally2 for configuration of maximum number of failed logins. Also call pam_access to verify if access is
allowed.
Make system-auth symlink point to system-auth-local which contains:
auth requisite pam_access.so
auth requisite pam_tally2.so deny=3 lock_time=30
unlock_time=3600
auth include system-auth-ac
account required pam_tally2.so
account include system-auth-ac
password include system-auth-ac
session include system-auth-ac
BUGS
None known.
SEE ALSO
authconfig(8), authconfig-gtk(8), pam(8), system-auth(5)
Red Hat, Inc. 2010 March 31 SYSTEM-AUTH-AC(5)