Solved

Locking user accounts

Posted on 2006-07-18
12
1,006 Views
Last Modified: 2013-12-27
Pls provide script for locking user accounts on solaris after 3 failed login attempts.  I couldnt find any direct way to lock user accounts
0
Comment
Question by:rojy_20
12 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
Comment Utility
Use PAM_login_limit from http://www.comsmiths.com.au/pam/
0
 

Author Comment

by:rojy_20
Comment Utility
I donot want to download this utilty as we do have restrictions.  If there are some scripts that I could run; then it would be helpful
0
 
LVL 48

Expert Comment

by:Tintin
Comment Utility
What version of Solaris do you use?  

What are the restrictions?  You can download the source from comsmiths.com.

You could possibly use scripts, but it wouldn't be the easiest of tasks.  Much better to use something that is known to work.
0
 
LVL 10

Expert Comment

by:Nukfror
Comment Utility
One way for sure to work without having to download 3rd party PAM modules is to updade to Solaris 10.  Automagic account lockout has finally been added to Solaris.  But I doubt upgrading Solaris was part of your plan ... ;D
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:rojy_20
Comment Utility
Tintin
We have Versions 8, 9 and 10 running in our environment.  Restrictions are mainly with regard to management approval.  I understand scripts are not easy but its worth a try...

Nukfror
Upgrade to 10??!! Now that will take a decade to get approved ;-)
0
 
LVL 48

Expert Comment

by:Tintin
Comment Utility
Don't you love it when management place all these restrictions to make life more difficult.  They generally make these decisions based upon some vague concept that using third party or open source software is bad.

As for using scripts, the only way you could do it with standard tools is to interegate /var/adm/loginlog, but this only logs entries after 5 successive failed login attempts, so that may or may not be sufficient for your needs.
0
 
LVL 2

Expert Comment

by:advega
Comment Utility
why don't you check the /etc/default/* files !
They are self explanatory with comments above each configurable parameter.

may be there you can find answers to what you need.

regards...
0
 
LVL 48

Expert Comment

by:Tintin
Comment Utility
advega.

There are no Solaris options in the /etc/default/ files to lock an account.
0
 
LVL 48

Expert Comment

by:Tintin
Comment Utility
My first solution works well providing you don't have brain dead management who refuse to install software that actually solves the problem.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now