- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- User password Security
Operating System - HP-UX
1752577
Members
4390
Online
108788
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2009 06:31 AM
тАО02-17-2009 06:31 AM
I have a new HP Integrity RX6600 server, I need to create users to use some applications. I modified the /etc/default/security file to define some password policy:
# Password history depth
PASSWORD_HISTORY_DEPTH=5
# Optional restrictions for new passwords
# PASSWORD_MIN_UPPER_CASE_CHARS=0
PASSWORD_MIN_LOWER_CASE_CHARS=1
PASSWORD_MIN_DIGIT_CHARS=1
# PASSWORD_MIN_SPECIAL_CHARS=2
# Standard and Shadow modes only: number
# of days that passwords are valid
# PASSWORD_MAXDAYS=175
PASSWORD_MINDAYS=90
When i use smh or sam to create user account, i click on 'Modify users security policies', then 'password aging policies' , it has default (enabled) function, something like this:
time between password changes (days): 0
password expiration time (days): 182
Password Expiration warning time (days): 7
password Life time (days): 196
I gave each user a temperaory password, so i need to click on
password age status:
expire password immediately
to expire password as soon as the user log on.
My question is which policy will system follow? the security file or the sam?
thanks for your help
Leah
# Password history depth
PASSWORD_HISTORY_DEPTH=5
# Optional restrictions for new passwords
# PASSWORD_MIN_UPPER_CASE_CHARS=0
PASSWORD_MIN_LOWER_CASE_CHARS=1
PASSWORD_MIN_DIGIT_CHARS=1
# PASSWORD_MIN_SPECIAL_CHARS=2
# Standard and Shadow modes only: number
# of days that passwords are valid
# PASSWORD_MAXDAYS=175
PASSWORD_MINDAYS=90
When i use smh or sam to create user account, i click on 'Modify users security policies', then 'password aging policies' , it has default (enabled) function, something like this:
time between password changes (days): 0
password expiration time (days): 182
Password Expiration warning time (days): 7
password Life time (days): 196
I gave each user a temperaory password, so i need to click on
password age status:
expire password immediately
to expire password as soon as the user log on.
My question is which policy will system follow? the security file or the sam?
thanks for your help
Leah
Solved! Go to Solution.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2009 06:43 AM
тАО02-17-2009 06:43 AM
Solution
Hi,
If you have converted the system to trusted mode then the global security policies you define on SAM will be applicable to all the users. You can also define user level security policies in trusted configuration by selecting individual users.
/etc/default/security policies will be applicable to non-trusted systems.
If you have converted the system to trusted mode then the global security policies you define on SAM will be applicable to all the users. You can also define user level security policies in trusted configuration by selecting individual users.
/etc/default/security policies will be applicable to non-trusted systems.
Best wishes,
Ganesh.
Ganesh.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2009 10:53 AM
тАО02-17-2009 10:53 AM
Re: User password Security
It is trusted mode server, so it means i don't even need to modify the security file at all, right?
thanks
Leah
thanks
Leah
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-18-2009 03:02 AM
тАО02-18-2009 03:02 AM
Re: User password Security
>>>It is trusted mode server, so it means i don't even need to modify the security file at all, right?<<<
Not really...There are many parameters you can set in security file which cannot be set on trusted configurations. Like Password history depth,
Number of logins allowed per user, How to behave when user home dir is missing, Password min upper/lower/special characters,
ignorance of /etc/nologin file, etc.
security file will be referred even after the system is converted to trusted. It provides extended security features.
Have a look at the security manual, it describes for each option if it applies for trusted systems.
http://docs.hp.com/en/B3921-60631/security.4.html
Not really...There are many parameters you can set in security file which cannot be set on trusted configurations. Like Password history depth,
Number of logins allowed per user, How to behave when user home dir is missing, Password min upper/lower/special characters,
ignorance of /etc/nologin file, etc.
security file will be referred even after the system is converted to trusted. It provides extended security features.
Have a look at the security manual, it describes for each option if it applies for trusted systems.
http://docs.hp.com/en/B3921-60631/security.4.html
Best wishes,
Ganesh.
Ganesh.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP