- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Security Audits-Account Locked Excessive Failed Lo...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2011 08:45 AM
тАО01-18-2011 08:45 AM
HP-UX 11 (B.11.23)
Very new to HP-UX so a million thanks,
John
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2011 09:12 AM
тАО01-18-2011 09:12 AM
Re: Security Audits-Account Locked Excessive Failed Logins
If the server is not trusted, then following command will help.
passwd -s
LK shows the account is locked.
If it is trusted, then
/usr/lbin/getprpw
and check for lockout parmater. it should not contain any 1 digit in its value. those all should be 0s.
The only way to lock an account in a non-trusted system is to replace the password with an asterisk (*) - you can visually check /etc/passwd for this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2011 09:17 AM
тАО01-18-2011 09:17 AM
Re: Security Audits-Account Locked Excessive Failed Logins
/usr/lbin/getprpw johnsmith
and check for lockout parmater. It should not contain any 1 digit in its value. Those all should be 0s. If there is a 1 digit, does that mean the account is locked?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2011 09:21 AM
тАО01-18-2011 09:21 AM
Re: Security Audits-Account Locked Excessive Failed Logins
Will return something like:
Lockout = 0011000
Each character position above denotes a different reason for the account being locked.
From the getprpw man page:
lockout returns the reason for a lockout in a "bit" valued string, where 0 = condition not present, 1 is present. The position, left to right represents:
1 past password lifetime
2 past last login time (inactive account)
3 past absolute account lifetime
4 exceeded unsuccessful login attempts
5 password required and a null password
6 admin lock
7 password is a *
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2011 09:31 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2011 08:13 AM
тАО01-19-2011 08:13 AM
Re: Security Audits-Account Locked Excessive Failed Logins
You are a miracle worker. It worked great. I have a different question which I will include in a new thread concerning su logs and how to view succesfula and unsucessful su.
One more question concerning this topic (otherwise this is a closed thread). Is there a way to run a query based on all users who are locked without having to specifiy user name. I only have 5 users so I can write a script that calls out each by name but wondered if there was a simple way to list all locked/disbaled users.
A million thanks,
John
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2011 10:40 AM
тАО01-19-2011 10:40 AM
Re: Security Audits-Account Locked Excessive Failed Logins
close this thread -))
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2011 10:42 AM
тАО01-19-2011 10:42 AM