HPE Community
Operating System - HP-UX
1847184 Members
4324 Online
110263 Solutions
New Discussion

Disable account

 
SILVERSTAR
Frequent Advisor

‎10-13-2004 10:53 PM

‎10-13-2004 10:53 PM

Disable account

Hi,

in a non trusted system, is it possible to disable a user account if the password typed at login is wrong ?

Thanks
Angelo
0 Kudos
Reply
6 REPLIES 6
Cheryl Griffin
Honored Contributor

‎10-13-2004 10:55 PM

‎10-13-2004 10:55 PM

Re: Disable account

That is only a feature of a Trusted system. Standard passwords do not have that feature.
"Downtime is a Crime."
0 Kudos
Reply
Franky_1
Respected Contributor

‎10-13-2004 11:10 PM

‎10-13-2004 11:10 PM

Re: Disable account

Hi,

afaik this is only possible using trusted system (tsconvert)

Regards

Franky
Don't worry be happy
0 Kudos
Reply
Bharat Katkar
Honored Contributor

‎10-13-2004 11:23 PM

‎10-13-2004 11:23 PM

Re: Disable account

Angelo,
If you want you can convert your system into trusted system.
See the attached doc, describing the entire process and different commands assciated with it.

Hope that helps.
Regards,
You need to know a lot to actually know how little you know
0 Kudos
Reply
HGN
Honored Contributor

‎10-14-2004 12:32 AM

‎10-14-2004 12:32 AM

Re: Disable account

Hi

This feature is available in trusted system so you think that is the way to go you can switch over to trusted system.

Rgds

Gopi
0 Kudos
Reply
Petr Simik_1
Valued Contributor

‎10-14-2004 12:54 AM

‎10-14-2004 12:54 AM

Re: Disable account

convert to trusted mode in SAM by

SAM->auditing&security->System security policy

To setup account locking :
SAM-> auditing&security->general user account policies

there you include after how many unsucc attempts is account locked.

Be careffull by entering this option. This can be used hackers to initiate deny-of-services attack. Hacker just type wrong passwd to all your users and it disable all their accounts => your users become angry and everybody will call you.
It's recommended to include delay between attemts - it is possibble here too - it will make job for hacker a little harder.

Enjoy.
Petr
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎10-14-2004 04:24 AM

‎10-14-2004 04:24 AM

Re: Disable account

We can do lock a user with scripting there. Do audit on lastb output to get bad login informations there. Check the time frame informations there. If they are relative then do disable that user.

I Suggest you not to include root use there. And One more validation is, user login based IP-Address, there are sometime, some one doesnot want another's user may make BAD login's with their account name.

We can get full details of bad logins as lastb -R, disable user login as,

passwd -d and do send informations to that user with mail there.

HTH.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.