[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Set account lockout parameter in Solaris 10

Posted on 2009-12-16
6
Medium Priority
?
1,408 Views
Last Modified: 2013-12-27
Hello,

I am trying to lockout accounts who with failed logins and Solaris is not locking the account.  I have edited /etc/security/policy.conf and changed LOCK_AFTER_RETRIES=YES.  I also changed the RETRIES variable to 4.  I have tested my account I have unsuccessfully logged in 13 times and I have not received a message that my account is locked out.  Do I need to change something else?


Thanks!
0
Comment
Question by:cburn32
  • 3
  • 3
6 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 26066496
You don't receive a message your account is locked.  Solaris will lock your account "silently".

0
 

Author Comment

by:cburn32
ID: 26066517
how do I verify that the account is locked??
0
 
LVL 48

Accepted Solution

by:
Tintin earned 2000 total points
ID: 26066552
As the root user, run

passwd -s user

A locked account will have a "LK" status.

You can also show the status of all accounts with

passwd -a -s

To unlock an account, you do

passwd -u user

To lock an account, you do

passwd -l user



0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:cburn32
ID: 26075930
It is not locking the account.   Is their a service I have to restart?  
0
 
LVL 48

Expert Comment

by:Tintin
ID: 26075991
There's nothing to restart.  Those two settings should be just fine.
0
 

Author Closing Comment

by:cburn32
ID: 31668570
I found out my problem.  I was assigning passwords as root which overides the passwd policies.  I ran a force password change on next logon on a particular user and the user had to follow the complexity rules.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses
Course of the Month19 days, 13 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question