asked on
Specific Solaris settings required by Cyberark PAM
I understand that Cyberark (a PAM) & TPAM (another PAM product)
requires in Solaris server, the following settings:
PermitRootLogin = yes (tho CIS benchmark recommends “no”)” for SSH setting
minweeks = 0 for min period before password can be changed (tho CIS recommends minweeks=1)
Any other requirements by Cyberark? Are the following required to be 0 ?
ndd -get /dev/ip ip_strict_dst_multihoming
ndd -get /dev/ip ip6_strict_dst_multihoming
requires in Solaris server, the following settings:
PermitRootLogin = yes (tho CIS benchmark recommends “no”)” for SSH setting
minweeks = 0 for min period before password can be changed (tho CIS recommends minweeks=1)
Any other requirements by Cyberark? Are the following required to be 0 ?
ndd -get /dev/ip ip_strict_dst_multihoming
ndd -get /dev/ip ip6_strict_dst_multihoming
OS SecuritySecurity
Last Comment
sunhux
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
thanks, am aware of the default n CIS recommends value of 1. With 2 unix admins who had left us, I m figuring out why it's set to 0 while practically all other settings (except minweeks n that ssh root restriction) comply to CIS