ClearOs

Randomly there are e-mail accounts that have there password reset. I have done some searching and found out that bots could be attacking the e-mail address, therefore forcing the accounts to be locked out. Is there a way to disable the lockout in ClearOS.
christoforatos1968Asked:
Who is Participating?
 
MazdajaiConnect With a Mentor Commented:
Can you provide the output for the following?
yum install app-password-policies

Open in new window

0
 
TobiasHolmCommented:
Hi!

Open the ClearOS web interface on your browser and go to "Directory - Password Policies" in the menu. You can then disable the "Password Lockout" feature.

Ref: http://www.clearfoundation.com/component/option,com_kunena/Itemid,232/catid,14/func,view/id,35060/

Regards, Tobias
0
 
christoforatos1968Author Commented:
These are the only options located in the Directory-Password Policies. There is no Password Lockout feature.
I am using ClearOS Enterprise5.2.

Minimum Password Length      
Minimum Password Age      
Maximum Password Age      
History Size
Do i need a different version to be able to see Password Lockout feature?
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
TobiasHolmCommented:
Try this to add the feature:

yum update app-password-policies

Regards, Tobias
0
 
christoforatos1968Author Commented:
Because i am knew to Linux, how do i add the feature
1. yum install app-password-policies
0
 
TobiasHolmCommented:
You open up a terminal window. And then you type the command for adding the feature:

yum update app-password-policies

Regards, Tobias
0
 
MazdajaiCommented:
Do you have console access to the server? You need to login to the server with root first.
0
 
christoforatos1968Author Commented:
I do not have console access. Do i connect a monitor to the server? And how do i login to the server?
0
 
MazdajaiCommented:
If you don't have console access, you can try to open a ssh session to the server. If you are using Linux, you can type 'ssh server1' in terminal; if you are using Windows, you need to download putty.
0
 
christoforatos1968Author Commented:
So i download putty, log in with the ip address of the server, then run the command 1. yum install app-password-policies. Can you give me feedback on this. Thanks.
0
 
TobiasHolmCommented:
Do you have access to the servers keyboard/screen? Then try to launch the terminal by pressing CTRL+ALT+F2 and CTRL+ALT+F7 to go back to the Web-UI.

Or use ssh or PuTTY from a client as Mazdajai suggested.

Regards, Tobias
0
 
MazdajaiCommented:
The following command checks if you have the new policy installed.
yum install app-password-policies

Open in new window


Once you ran the command, post the output. ClearOS 5.2 should already come with the new policy module.
0
 
TobiasHolmCommented:
>So i download putty, log in with the ip address of the server, then run the command 1. yum install app-password-policies. Can you give me feedback on this. Thanks.

Yes, that's correct.

Regards, Tobias
0
 
TobiasHolmCommented:
This is how it should look like after the update (see attached pic).

Regards, Tobias
After-update.png
0
 
nociSoftware EngineerCommented:
be aware that if passwords are guessable, now the users & intruders will not be locked out and intruders might guess a password.
So ensure that all users pick a non-trivial (dictionary ) passwords.

You may want to look into fail2ban which can scan the ssh  or whatever server logfile and block (arbitrary) time the IP-address the attempt is done from. This may block hack attempts in three times but allow users still to logon.
0
 
TobiasHolmCommented:
christoforatos1968, did you succeeded adding the app-password-policies feature?

Regards, Tobias
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.