LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris
User Name
Password
Solaris / OpenSolaris This forum is for the discussion of Solaris, OpenSolaris, OpenIndiana, and illumos.
General Sun, SunOS and Sparc related questions also go here. Any Solaris fork or distribution is welcome.

Notices


Reply
  Search this Thread
Old 07-03-2010, 02:35 PM   #1
LinuxLover
Member
 
Registered: Feb 2004
Distribution: Centos 7 x86_64 , Rocky Linux 8 (aarch64)
Posts: 196

Rep: Reputation: 32
user lock/unlock by bad tries


Hi,

I am using Solaris 10. My requirement is that if a user 5 time wrong password his account should be lock for specific time period say for 10 minutes .

I am able to define these policies by

Code:
# vi /etc/default/login
   
DISABLETIME=300
RETRIES=5

and in
Code:
# /etc/security/policy 
LOCK_AFTER_RETRIES=YES

Now user is locked if he give 5 time wrong password.

Problem is that he DOES NOT unlock automaticllay as system suppose to unlock him after 5 minutes.And user status remains lock for infinite time and I have to unlock it manualy. How can I solve this.
 
Old 07-04-2010, 04:47 AM   #2
tallship
Member
 
Registered: Jul 2003
Location: On the Beaches of Super Sunny Southern San Clemente, California USA
Distribution: Slackware - duh!
Posts: 534
Blog Entries: 3

Rep: Reputation: 118Reputation: 118
You might set the following:

Code:
UsePAM yes

ChallengeResponseAuthentication=no
If that doesn't work, then in Solaris 10 the password string has *LK* prepended to it, so it can be removed with:

Code:
passwd -u username
restoring the old password. This won't work in Solaris 9 coz *LK* replaces the password string in the second field, instead of just being prepended to it.

If you:

Code:
grep "*LK*" /etc/shadow
it should return the list of locked out users so you can write a script to unlock all of them with 'passwd -u <username>' or 'passwd -uf <username>'. Then run the script via cron according to your interval

'passwd -f <username>' will force the expiry of the password, if you want to force the user to change their passwd at the next login.

Forcing the user to change their password after it being locked out is not a bad idea, IMO, to assist in curbing forgetfulness of passwords.

I hope that helps

Last edited by tallship; 07-04-2010 at 04:53 AM.
 
Old 10-26-2010, 04:45 PM   #3
tallship
Member
 
Registered: Jul 2003
Location: On the Beaches of Super Sunny Southern San Clemente, California USA
Distribution: Slackware - duh!
Posts: 534
Blog Entries: 3

Rep: Reputation: 118Reputation: 118
Did that help out with your problem? Just following up and would like to know since it's not marked as solved
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to lock/unlock the shared memory created by mmap? john.daker Programming 6 11-19-2008 10:47 PM
How can I lock/unlock passwd file? scorpionaag Linux - Server 2 01-04-2008 09:15 AM
lock and unlock munna_dude Programming 1 05-18-2007 07:03 AM
i need to lock my keyboard and mouse for a short period of time and also unlock them balajitrz Linux - Hardware 3 02-16-2007 01:46 PM
About Lock And Unlock George2 Programming 8 08-24-2005 12:30 AM

LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris

All times are GMT -5. The time now is 07:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration