topic Re: lock a user in Operating System - HP-UX

lock a user

leelangco_1 — Thu, 11 Jun 2009 09:11:32 GMT

how can i lock a user when he type a wrong password 3 times include root ?
and i do not want a trusted system

Re: lock a user

melvyn burnard — Thu, 11 Jun 2009 09:24:54 GMT

which version of HP-UX are you using?
There is the Standard Mode Security Extensions (SMSE) that are in 11iv3, allowing you to set things like that WITHOUT going to trusted system

Re: lock a user

Sunny123_1 — Thu, 11 Jun 2009 09:28:20 GMT

Hi

Check out the following links

http://docs.hp.com/en/5991-8711/5991-8711.pdf

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=
StdModSecExt

And why you want to include root also??Remember if your root password locks you need to reboot the system.

Regards
Sunny

Re: lock a user

Mel Burslan — Thu, 11 Jun 2009 11:38:36 GMT

If you are willing to do a little leg work (or more appropriately finger work) you can write a script and call it from /etc/profile upon each user's login. In the script, you check the last 3 entries related to this user from the output of lastb command and compare the timestamp to the same from the last command's output. Decide if the last 3 entries were wrong password or not. if they all were wrong, issue the command

passwd -l

(to compare time stamps, I'd strongly suggest making use of caljd.sh script written by no other than Clay Stephenson of this very same forum. Just google the script name and you will find several sites to download it from)