We have these specific requirements for a bunch of servers we have and cannot seem to get pam to behave in this way. We would like:
PAM locks accounts if pam tally reaches 10.
PAM unlocks the account after 30mins from locking it, and resets the pam_tally.
The key is that we don't want to have to manually unlock the accounts if a user locks. These are ldap accounts and security policy is controlled elsewhere, and this meets that policy.
Hello,
i configured rhel linux 6 with AD directory to authorize windows users to connect on the system and it works.
i have accounts with high privileges (oracle for example) if an account is created on the AD server i would to block him.
I looked for how to do, for the moment all the... (3 Replies)
Hello,
It is to my understanding that when configuring the Solaris operating system to meet compliance standards, you must configure the "LOCK_AFTER_RETRIES" value in the "/etc/security/policy.conf" file to "YES", and then configure the "RETRIES" parameter in the "/etc/default/login" file to the... (4 Replies)
Hi All,
I want to read the log file for last 30mins logs with time stamps.
Am using below command but, it is not working for me
awk -F - -vDT="$(date --date="30 minutes ago" "+%b %_d %H:%M:%S")" ' DT < $1' log.file >tmp.txt
log file time format is 2016-09-27 14:00:25,192
Use code... (1 Reply)
Hi,
I use a software which can create account on many system or application.
One of resource which is managed by this soft his a server SUSE Linux Enterprise Server 10 (x86_64). patch level 3.
This application which is an IBM application use ssh to launch command to create account in... (3 Replies)
Hi Friends
We have two node trucluster Tru64 4.0F Alpha Servers,In one of Tru64 4.0F Unix Server I am unable to unlock users, when I issue usermod command I will get following error
/usr/sbin/usermod -x administrative_lock_applied=0 username
account manager has exited unexpectedly - please... (0 Replies)
Hi All,
I want to run a script on the hour during a 24 - hour period; easy enough cron will take care of that..however I want the script to only run for only 30mins..
so with the script it knows its 30mins are up so exits.
any ideas?
Any help, greatly appericated.
Thanking you all... (2 Replies)
I frequently rexec into a remote box to run a job, occaisionally I get the the error message "rexecd: Account Disabled" and in the remote box syslog I see "rexecd: PAM - status 28 PAM error message: account is disabled". After a 1/2 hour or so the problem goes away. Anyone shed any light on... (0 Replies)
I only able to lock user ID with passwd -l username
It seems there is no option for me to unlock ID in solaris?
Is there any command as below?
passwd -u username
Appreciate someome can share with me the way to do it. (1 Reply)
pam_pkcs11(8) System Administration tools pam_pkcs11(8)NAME
pam_pkcs11 - PAM Authentication Module for PKCS#11 token libraries
SYNOPSIS
pam_pkcs11.so [debug] [configfile=<configfile>]
DESCRIPTION
This Linux-PAM login module allows a X.509 certificate based user login. The certificate and its dedicated private key are thereby accessed
by means of an appropriate PKCS #11 module. For the verification of the users' certificates, locally stored CA certificates as well as
either online or locally accessible CRLs are used.
CONFIGURATION
The program that needs a PAM service should be configured in /etc/pam.conf or /etc/pam.d/<servicename>.
pam_pkcs11 can be used in the <auth> PAM chain.
For details on how to configure PAM services, see the PAM documentation for your system. This manual does not cover PAM configuration
details. The existing PAM service definitions for other applications on your system is also a good source for examples on how to configure
a PAM service.
FILES
/etc/pam_pkcs11/pam_pkcs11.conf
/usr/lib/pam_pkcs11/*_mapper.so
AUTHOR
Original PAM-pkcs11 was written by Mario Strasser <mast@gmx.net>. Newer versions are from Juan Antonio Martinez <jonsito@teleline.es>.
REPORTING BUGS
Report bugs ideas, comments, bug-fixes and so to: Juan Antonio Martinez <jonsito@teleline.es>
SEE ALSO pam(8), pam_pkcs11.conf(5), PAM Systems Administrator Guide, README.mappers file, PAM-PKCS#11 User Manual.
Mario Strasser 15-Feb-2005 pam_pkcs11(8)