Solaris user Security implementation
 

Hi gurus,

Need you help here:
How we can implement

• [1]
  Code:

  ---

  User logout After 15 mins of inactivity.

  ---

I have edited /etc/default/login as TIMEOUT=60
But user is not Logged out after 60 sec inactivity. How we can implement this?

• [2]
  Code:

  ---

  LOGIN should be blocked after Max logins attempts

  ---

E.g 3 bad passwords and the user is locked. And it is locked for certain period e.g 20 min.

• [3]
  Code:

  ---

  Last 10 passwords are unique

  ---

The Passwords selected by User must not match his previous passwords (up to last 10 password).

• [4]
  Code:

  ---

  Password selection must be atleast one char from lower, upper, numeric and special chars.

  ---

Password selection is forced to be exactly a regular expression having all above chars.

We have to enforce the security on SUN machine, by implementing above conditions.
Any help will be appriciated.
Thanks and Regards
@Asteroid

I'm not an expert in this field so it's better if you wait for somebody with the proper knowledge to answer your question.

My two cents: take into account that different backends where you store users' info may implement some of the functionality you require and you are not specifying where you plan to manage such information. I mean, are you using local files (/etc/passwd, etc.), NIS/NIS+ or LDAP? In my site, we're using an LDAP implementation (Sun's Java Directory Server) and it provides us with some of the functionality you're planning to implement, such as password complexity requirements.

Waiting for somebody else to answer your question, could you please detail the information you need?

As far as it concerns the TIMEOUT value, it's just not what you mean. The TIMEOUT is:
Bye,
Enrico.

@crisostomo_enrico
Thank you for the reply, in fact we are using local files to hold the security policy.

You can probably implemment this policy through the Solaris Management Console.