Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
- Subject: Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
- From: "Timothy J. Miller" <email@hidden>
- Date: Fri, 16 Nov 2007 12:05:06 -0600
The new soon-to-be-released JTF-GNO CTO relating to PKI
implementation sets a new password policy. 14 characters minimum
with a new set of character rules as well. Just FYI.
-- Tim
On Nov 16, 2007, at 11:29 AM, James Alcasid wrote:
By default their are no global policy defaults for passwords on MacOSX
Client and Server.
For what you are trying to accomplish check the man pages on pwpolicy.
What you are trying to accomplish might look something like this as an
example:
sudo pwpolicy - a the_dmin_username -setglobalpolicy "minChars=8
maxMinutesUntilChangePassword=129600"
I believe DoD specifies a min of 9 characters with two upper AND
lower case
alphas, two numerals and two special characters expiring every
sixty days.
It would be best to consult with your local ISO in regards to this.
Leopard ships with version 3.0.25b of Samba.
I would advise against using any kind of peer to peer file sharing
if you
have a server to exchange files to and from.
--
James Alcasid | VTI
Department of Veterans Affairs
email@hidden
From: "Blankenship, Bob J Mr CTR USA IMCOM"
<email@hidden>
Date: Fri, 16 Nov 2007 10:17:29 -0600
To: Apple Fed Talk <email@hidden>
Conversation: Macs getting Flagged (UNCLASSIFIED)
Subject: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
Classification: UNCLASSIFIED
Caveats: NONE
The Macs in our building are getting flagged on a network scan
report.
The areas we are getting flagged are password length does not meet
minimum requirements of 8 characters and password age cannot be
over 90
days. We can change our passwords and that may fix the 90-day problem
but my password is 11 characters long so it already meets the minimum
length requirement. Not sure why I am getting flagged on this one
unless
it because of the shared folders I have set up. Is there somewhere
on a
control panel to set the minimum password length?
The other area is "account lockout threshold" and the duration of how
many minutes before the account becomes unlocked and how many times a
user can attempt to log in before they are locked out. Anyone have
suggestions on how do we change this?
The last item is Multi heap buffer overflows. They say to fix this
problem by upgrading to Samba 3.0.25 or later. Anyone know if Leopard
has this version of Samba or later? Might be a way for me to get
some OS
upgrades.
We have Personal File Sharing, Windows Sharing, and Printer Sharing
turned on. I think the Windows Sharing uses Samba but not sure.
I wouldn't be surprised if somehow all this is not directly related
Samba and Windows Sharing.
Any suggestions will be appreciated.
Thanks
Bob Blankenship
Classification: UNCLASSIFIED
Caveats: NONE
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40va.gov
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden