I want password policy to be aplicable using pam for example user password should have atleast on upcase character one lowercase and one digit
i found few blogs which gave the steps to edit in /etc/pam.d/system-auth
i also tried the auto lock function in the same file but it didnt worked
is there anything which i forgot do i need to restart anything or do i have to enable pam for authentication

[root@Hitesh_s_mailserver_master ~]# cat /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_tally.so no_magic_root
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so

account required pam_unix.so
account required pam_tally.so deny=3 no_magic_root lock_time=180
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3 type= minlen=8 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=0
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
[root@Hitesh_s_mailserver_master ~]#

Hello,

pam_passwdqc is exactly what you need (http://linux.die.net/man/8/pam_passwdqc)

Set Min paramter to achieve your goal

password required pam_passwdqc.so min=

Thanks

Should i disable the previous changes

Yes , try pam_passwdqc in place of pam_cracklib

I tried replacing the cracklib but it gave me an error while resetting password


"passwd: Critical error - immediate abort"

Here's a dumb qn; is pam_passwdqc installed?