Set account lockout parameter in Solaris 10

Posted on 2009-12-16
Last Modified: 2013-12-27

I am trying to lockout accounts who with failed logins and Solaris is not locking the account.  I have edited /etc/security/policy.conf and changed LOCK_AFTER_RETRIES=YES.  I also changed the RETRIES variable to 4.  I have tested my account I have unsuccessfully logged in 13 times and I have not received a message that my account is locked out.  Do I need to change something else?

Question by:cburn32
    LVL 48

    Expert Comment

    You don't receive a message your account is locked.  Solaris will lock your account "silently".


    Author Comment

    how do I verify that the account is locked??
    LVL 48

    Accepted Solution

    As the root user, run

    passwd -s user

    A locked account will have a "LK" status.

    You can also show the status of all accounts with

    passwd -a -s

    To unlock an account, you do

    passwd -u user

    To lock an account, you do

    passwd -l user


    Author Comment

    It is not locking the account.   Is their a service I have to restart?  
    LVL 48

    Expert Comment

    There's nothing to restart.  Those two settings should be just fine.

    Author Closing Comment

    I found out my problem.  I was assigning passwords as root which overides the passwd policies.  I ran a force password change on next logon on a particular user and the user had to follow the complexity rules.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (, discussed installing the Solaris Operating S…
    Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now