From: Faulconer, Steven M. (STEVEN.M.FAULCONER@saic.com)
Date: Wed Mar 26 2003 - 22:06:22 EST
Hello everyone,
I've spent a little time searching through the archives, but I can't seem to
locate a solution to two questions I have:
Has anyone found any methods to enforce password composition/complexity in a
Solaris environment? We are using versions 2.6 through 9, though will be
moving to 8 and 9 only in the near future (software requirements force us to
maintain a maximum of Solaris 8). By composition / complexity, I mean things
like forcing upper and lower case, use of numeric/symbol characters, and
possibly a method to do a dictionary check on the password. The dictionary
check would be nice to ensure that the password, or any part of the
password, is not a common English word, and is optional to my needs, but
would be a bonus.
My other query is about auto-lockouts after a number of invalid login
attempts. I know about the /etc/default/login, but that doesn't really suite
my needs. I'd like it so that if there are three bad password attempts on a
given account within a given, arbitrary, amount of time, the account is
locked from further use until administrator intervention. This can be done
in Windows NT/2000 (sorry for mentioning the 'W' word), so I hope there is a
method to do this in Solaris as well. We are currently using static
passwd/shadow files on each system, though we are working on migrating to
LDAP for authentication across Windows and Solaris to get a single
username/password-type setup.
Any information/assistance would be greatly appreciated, even if its
commercial software products, the more options available, the better.
Thank you.
Steven Faulconer
SAIC
321-751-3222
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:04 EDT