> Is there anyway you set the amount of times a user ties to login and fails,
> then the account is locked out !
As far as I am aware, there is no built-in mechanism for this. The
creation of /var/adm/loginlog will cause login to log all instances of
five or more login failures. One could use this as basis for an automated
Having said that, locking accounts because of some number of login
failures is inventing a DOS condition. A more sophisticated approach would
be better, like having an increasing delay between allowed login attempts.
I don't know if Solaris 7 or 8 have improved this area.
I can amuse to see entries appear in loginlog and call the user offering
to help with their login problem.
Quote:> Also when trying to use Password aging on a 2.6 server, even if I try and
> create a new user, and then add password aging, I keep getting 'Password
> aging is disabled'
How are you trying to enable aging?
Take a look at passwd(1). There are three switches for setting the aging
parameters. This is also more flexible that putting the *WEEKS lines in
/etc/default/passwd, since you have a resolution of days rather than