search for: maxexpired

...39 - 99 years 1939 thru 1999 * histexpire Defines the period of time in weeks that a user * will not be able to reuse a password. * Possible values: an integer value between 0 and 260. * 26 (approximately 6 months) is the recommended value. * * maxexpired Defines the maximum number of weeks after maxage that an expired * password can be changed by a user. The default is -1, which * is equivalent to unlimited. Range: -1 to 52. maxage must * be greater than 0 for maxexpired to be enforced. (root is *...

...} + + /* + * Check AIX password expiry. Only check when running as root. + * Unpriv'ed users can't access /etc/security/passwd or + * /etc/security/user so passwdexpired will always fail. + */ + if (geteuid() == 0) { + char *msg, *user = pw->pw_name; + int result, maxage, result2, maxexpired; + struct userpw *upw; + + /* + * Check if password has been expired too long. In this case, + * passwdexpired still returns 1 but /bin/passwd will fail + * while still returning a successiful status, allowing the + * login. So, we deny these login attempts here. + */ + upw = getuser...

...} + + /* + * Check AIX password expiry. Only check when running as root. + * Unpriv'ed users can't access /etc/security/passwd or + * /etc/security/user so passwdexpired will always fail. + */ + if (geteuid() == 0) { + char *msg, *user = pw->pw_name; + int result, maxage, result2, maxexpired; + struct userpw *upw; + + /* + * Check if password has been expired too long. In this case, + * passwdexpired still returns 1 but /bin/passwd will fail + * while still returning a successiful status, allowing the + * login. So, we deny these login attempts here. + */ + upw = getuser...

.../order.eu Changes since OpenSSH 3.7.1: ============================ * sshd(8) now supports forced changes of expired passwords via /usr/bin/passwd or keyboard-interactive authentication. Note for AIX: sshd will now deny password access to accounts with passwords expired longer than their maxexpired attribute. For details, see the AIX section in README.platform. * ssh(1) now uses untrusted cookies for X11-Forwarding. Some X11 applications might need full access to the X11 server, see ForwardX11Trusted in ssh(1) and xauth(1) for more information. * ssh(1) now supports sending applicati...

.../order.eu Changes since OpenSSH 3.7.1: ============================ * sshd(8) now supports forced changes of expired passwords via /usr/bin/passwd or keyboard-interactive authentication. Note for AIX: sshd will now deny password access to accounts with passwords expired longer than their maxexpired attribute. For details, see the AIX section in README.platform. * ssh(1) now uses untrusted cookies for X11-Forwarding. Some X11 applications might need full access to the X11 server, see ForwardX11Trusted in ssh(1) and xauth(1) for more information. * ssh(1) now supports sending applicati...

...bin/no_shell gecos=Functional Account - XPLAN login=false su=false rlogin=false daemon=true admin=false sugroups=ALL admgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registry=files SYSTEM=compat logintimes= loginretries=3 pwdwarntime=4 account_locked=true minage=1 maxage=6 maxexpired=7 minalpha=2 minother=1 mindiff=2 maxrepeats=4 minlen=8 histexpire=0 histsize=4 pwdchecks= dictionlist=/usr/share/dict/words core_compress=on core_path=on core_pathname=/tmp/cores core_naming=on fsize=-1 cpu=-1 data=262144 stack=65536 core=2097151 rss=65536 nofiles=2000 unsuccessful_login_count=0 r...

...expires = 0 registry = WINBIND or compat SYSTEM = "WINBIND or compat" logintimes = pwdwarntime = 0 account_locked = false loginretries = 0 histexpire = 0 histsize = 0 minage = 0 maxage = 0 maxexpired = -1 minalpha = 0 minother = 0 minlen = 0 mindiff = 0 maxrepeats = 8 dictionlist = pwdchecks = Daemon.log in /var/log shows that it is missing a shared object. I could not compile 3.6.0 manually to get this shared object Feb 24 16...

hi all when starting kphone, it tries to register with asterisk but fails after a while. The SIP entry in * for this user is below. This is identical to the other SIP entries. The other SIP clients are MSN messenger plus one snom. these work fine. See SIP debug output attached as 'screen-exchange' thanks roy [roy] type=friend ;insecure=yes username=roy ;secret=password host=dynamic

Hi there, I have just compiled up 3.6.1p2 both with and without Darren Tuckers passexpire patch. However, with the patch applied /etc/nologin isn't displayed to users (on AIX 5.1 / PSSP) The patched vesion seems to fail with "illegal user" - some parts of a debug 3 log... debug1: userauth-request for user ade45 service ssh-connection method none debug1: attempt 0 failures 0

...022 expires = 0 registry = WINBIND or compat SYSTEM = "WINBIND or compat" logintimes = pwdwarntime = 0 account_locked = false loginretries = 0 histexpire = 0 histsize = 0 minage = 0 maxage = 0 maxexpired = -1 minalpha = 0 minother = 0 minlen = 0 mindiff = 0 maxrepeats = 8 dictionlist = pwdchecks = Daemon.log in /var/log shows that it is missing a shared object. I could not compile 3.6.0 manually to get this shared object Feb 24 16:42:38 b...

...expires = 0 registry = WINBIND or compat SYSTEM = "WINBIND or compat" logintimes = pwdwarntime = 0 account_locked = false loginretries = 0 histexpire = 0 histsize = 0 minage = 0 maxage = 0 maxexpired = -1 minalpha = 0 minother = 0 minlen = 0 mindiff = 0 maxrepeats = 8 dictionlist = pwdchecks = Daemon.log in /var/log shows that it is missing a shared object. I could not compile 3.6.0 manually to get this shared object Feb 24 16...

...io2 home=/home/wernher shell=/bin/sh login=true su=true rlogin=true daemon=true admin=false sugroups=ALL admgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registry=LDAP SYSTEM=KRB5LDAP OR compat logintimes= loginretries=0 pwdwarntime=0 account_locked=false minage=0 maxage=0 maxexpired=-1 minalpha=0 minloweralpha=0 minupperalpha=0 minother=0 mindigit=0 minspecialchar=0 mindiff=0 maxrepeats=8 minlen=0 histexpire=0 histsize=0 pwdchecks= dictionlist= default_roles= fsize=2097151 cpu=-1 data=262144 stack=65536 core=2097151 rss=65536 nofiles=2000 time_last_login=1483494078 time_last_u...

...tpath = nosak umask = 022 expires = 0 SYSTEM = "WINBIND" logintimes = pwdwarntime = 0 account_locked = false loginretries = 0 histexpire = 0 histsize = 0 minage = 0 maxage = 0 maxexpired = -1 minalpha = 0 minother = 0 minlen = 0 mindiff = 0 maxrepeats = 8 dictionlist = pwdchecks = Test your authentication by issuing a telnet to the aix box and login using your Active Directory credentials. ____________________________...

...tpath = nosak umask = 027 expires = 0 SYSTEM = "WINBIND or compat" logintimes = pwdwarntime = 0 account_locked = false loginretries = 5 histexpire = 0 histsize = 4 minage = 0 maxage = 12 maxexpired = -1 minalpha = 1 minother = 1 minlen = 8 mindiff = 0 maxrepeats = 4 dictionlist = pwdchecks = $ echo password | kinit ad...@UK.DOMAIN.NET Password for ad...@UK.DOMAIN.NET: Done! New ticket is stored in cache file //krb5cc_root $ klist -e Cr...

Hi All I'm trying to intergrate samba server with ADS on AIX 6.1 TL04, for last one week, with idmap / winbind but no satisfactory results. I have gone through various links at samba.org relating to winbind, idmapper and followed http://pware.hvcc.edu/ for precompiled binaries and http://pware.hvcc.edu/AIX-Samba.pdf which is for AIX 6.1 TL03 though. I have found the samba which is provided

...tpath = nosak umask = 027 expires = 0 SYSTEM = "WINBIND or compat" logintimes = pwdwarntime = 0 account_locked = false loginretries = 5 histexpire = 0 histsize = 4 minage = 0 maxage = 12 maxexpired = -1 minalpha = 1 minother = 1 minlen = 8 mindiff = 0 maxrepeats = 4 dictionlist = pwdchecks = $ echo password | kinit ad...@UK.DOMAIN.NET Password for ad...@UK.DOMAIN.NET: Done! New ticket is stored in cache file //krb5cc_root $ klist -e Cr...

...in/ksh gecos= login=true su=true rlogin=true daemon=true admin=false sugroups=ALL admgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=77 registry=WINBIND SYSTEM=WINBIND OR WINBIND[UNAVAIL] OR compat logintimes= loginretries=5 pwdwarntime=0 account_locked=false minage=1 maxage=13 maxexpired=-1 minalpha=1 minother=1 mindiff=1 maxrepeats=2 minlen=8 histexpire=0 histsize=8 pwdchecks= dictionlist=/usr/share/dict/words fsize=-1 cpu=-1 data=524288 stack=524288 core=2097151 rss=524288 nofiles=-1 time_last_login=1264076318 time_last_unsuccessful_login=1263895814 tty_last_login=/dev/pts/2 tty_...