Tags: attempts, boots, fifth, invalid, lock, locking, log, login, logon, number, operating, process, software, solaris, system, time, user, users

Locking Users Out After xx Number of Invalid Log On Attempts

On Software » Solaris Operating System

1,234 words with 1 Comments; publish: Wed, 14 Nov 2007 03:55:00 GMT; (40062.50, « »)

How do lock a user out after lets say 4 invalid logon attempts. When I try the fifth time, the login process boots me off the system, but when I try to login in again with the correct passwd, it let's me in. I have tried adding the variable LOCK_AFTER_RETRIES=yes in the /etc/security/policy.conf file but it does not seem to have any affect. Any ideas?



All Comments

Leave a comment...

    • Hi Keith,

      Check this file /etc/default/login..

      # DISABLETIME If present, and greater than zero, the number of seconds

      # login will wait after RETRIES failed attempts or the PAM framework returns

      # PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed.



      # RETRIES determines the number of failed logins that will be

      # allowed before login exits.




      # The SYSLOG_FAILED_LOGINS variable is used to determine how many failed

      # login attempts will be allowed by the system before a failed login

      # message is logged, using the syslog(3) LOG_NOTICE facility. For example,

      # if the variable is set to 0, login will log -all- failed login attempts.




      #1; Thu, 05 Jul 2007 23:39:00 GMT