Shalom,
There is no mechanism other than scripting to disable accounts on non-trusted systems after three failed login attempts.
Its kind of tricky, because trusted systems look for three consecutive failed logins.
strings /var/adm/btmp | awk '{print $1}' | sort -u > /tmp/checkfile
# You may need to use something other than $1, my HP-9000 servers at home are turned off to converve my bank account(Chasmal Yisrael eg electric company).
After you get check file.
while read -r username
do
badlog=$(strings /var/adm/btmp grep $username | wc -l)
if [ $badlog -ge 3 ] then
passwd -l $username
fi
done < /tmp/checkfile
rm -f /tmp/checkfile
You might want to insert some code to drop the offending user an email. Because this mechanism is unable to check consecutive bad logins like trusted, you must either improve it or I'd recommend setting the threashold higher.
Also, you will need to periodically empty the /var/adm/btmp (might be /var/adm/syslog/btmp) file otherwise eventually all users will disable themselves.
Trusted system is somewhat easier to manage.
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
