Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Fed-Talk] Password issues - Leopard

The rules imposed on us do not permit it to be treated as a single-user system.

We are using pwpolicy to set the password lifetime, but the user receives no notification of pending password expiration, and when it is expired, is not requested by OS X to change it.

Thanks for the ideas, though.

- Mike

 

From: Peter Link [mailto:email@hidden]
Sent: Wednesday, October 29, 2008 12:08 PM
To: Rich Trouton
Cc: Groberg, Michael N; email@hidden Talk
Subject: Re: [Fed-Talk] Password issues - Leopard

 

Does NISPOM have a section for standalone (single-user) systems? If so, is it as restrictive as networked computers? 

 

Our policy allows for a different set of requirements for standalone systems where extensive technical protection measures may be inappropriate. Our DAA makes the final call on these.

 

pwpolicy works a lot better on Leopard but doesn't do everything OSXServer does and you can use OSXServer's Workgroup Manager application to manage local users on a standalone system to satisfy other requirements.

 

 

On Oct 29, 2008, at 8:52 AM, Rich Trouton wrote:



How are you forcing password changes then, if this isn't on OS X Server? Are you using pwpolicy?

Thanks,
Rich

On Oct 29, 2008, at 9:23 AM, Groberg, Michael N wrote:


Thanks. >From the documentation, it says the script most run on OS Server,

and these machines are "standalone"

- Mike

 

-----Original Message-----

From: Rich Trouton [mailto:email@hidden]

Sent: Wednesday, October 29, 2008 8:36 AM

To: Groberg, Michael N

Cc: email@hidden

Subject: Re: [Fed-Talk] Password issues - Leopard

 

For the password notification, you may want to check out pwMonitor:

 

http://sibr.com/utilities/pwMonitor.html

 

Thanks,

Rich

 

On Oct 29, 2008, at 5:52 AM, Groberg, Michael N wrote:

 

We are trying to configure a system to be compliant with the security

rules (NISPOM, etc) and have two questions.

The system is stand-alone (i.e., neither connected to a MAC server nor

to AD).

 

1) Does anyone have a script or other method for informing a user 14

days in advance of when the user's password will expire?

 

2) In our testing, when the user's password needs to be changed we

have

not seen any prompt to force a change. The account just gets locked

out.

Any suggestions for fixing this?

 

Thanks for any ideas.

 

- Mike Groberg

_______________________________________________

Do not post admin requests to the list. They will be ignored.

Fed-talk mailing list      (email@hidden)

Help/Unsubscribe/Update your Subscription:

http://lists.apple.com/mailman/options/fed-talk/rtrouton%

40mail.nih.gov

 

This email sent to email@hidden

 

---

 

Rich Trouton (Contractor)

LAN Support

email@hidden

-----------------------------------------------------------

National Human Genome Research Institute

National Institutes of Health - Bethesda, MD

 

Office number:

(240) 506-7993

 

NIH Help Desk:

(301) 496-4357

 

NIH support request website:

http://ithelpdesk.nih.gov/Support/

 

The best way to get in touch with me is through email.

 

 

 


---

Rich Trouton (Contractor)
LAN Support
email@hidden
-----------------------------------------------------------
National Human Genome Research Institute
National Institutes of Health — Bethesda, MD

Office number:
(240) 506-7993

NIH Help Desk:
(301) 496-4357

NIH support request website:
http://ithelpdesk.nih.gov/Support/

The best way to get in touch with me is through email.



_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http:// lists.apple.com/mailman/options/fed-talk/email@hidden

This email sent to email@hidden

 

Peter Link

Cyber Security Analyst

Cyber Security Program

Lawrence Livermore National Laboratory

PO Box 808, L-315

Livermore, CA 94550

 

 

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/fed-talk/email@hidden

This email sent to email@hidden
References: 
 >[Fed-Talk] Password issues - Leopard (From: "Groberg, Michael N" <email@hidden>)
 >Re: [Fed-Talk] Password issues - Leopard (From: Rich Trouton <email@hidden>)
 >RE: [Fed-Talk] Password issues - Leopard (From: "Groberg, Michael N" <email@hidden>)
 >Re: [Fed-Talk] Password issues - Leopard (From: Rich Trouton <email@hidden>)
 >Re: [Fed-Talk] Password issues - Leopard (From: Peter Link <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.