- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: system default values on 11i
Categories
Company
Local Language
Forums
Discussions
Knowledge Base
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 03:24 AM
09-30-2003 03:24 AM
1. password aging
2. minimum password length
3. # of unsuccessful attempt before the acct. is locked
4. session timeout
If there are no default settings, how can I enforce these security policies? I can't convert to TCB or use pwconv due to the incompatibility with the NIS environment we are using here.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 03:26 AM
09-30-2003 03:26 AM
Re: system default values on 11i
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 03:27 AM
09-30-2003 03:27 AM
Solution2) Not sure - Options are available by using the /etc/default/security file. 'man security' for more info.
3) None - Can't do it in non-trusted mode.
4) check the TMOUT environment variable. I don't think it is set by default. Set the TMOUT in /etc/profile or in the users .profile.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 03:31 AM
09-30-2003 03:31 AM
Re: system default values on 11i
man pam
Not sure about using it with NIS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 03:42 AM
09-30-2003 03:42 AM
Re: system default values on 11i
HP-UX is a secureable, not secure out of the box OS. Its up to us admins to lock it down.
The script is a utitity script based on Pete Randall's work.
2. Six characters one as a number is what we have on our 11.00 system and I don't THINK we changed the default.
3. As noted, the TMEOUT variable, which won't work while actually running an application, it will timeout ssh/telnet sessions though.
4. ??
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 03:51 AM
09-30-2003 03:51 AM
Re: system default values on 11i
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 04:09 AM
09-30-2003 04:09 AM
Re: system default values on 11i
This command is aware of NIS user and group entries. Only local users
and groups may be modified with this command. Attempts to modify an
NIS user or group will result in an error.
As for the script, my admittedly pitiful scripting skills can't figure out what it does!
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-30-2003 04:15 AM
09-30-2003 04:15 AM
Re: system default values on 11i
# passwd -r file -n $MINDAYS -x $MAXDAYS $user
If you look at "man passwd", you'll see that there is a "passwd -r nis" option which at least implies that it should work with NIS.
Pete
Pete