Re: [Fed-Talk] cannot change max login attempts (10.4 Server)
Re: [Fed-Talk] cannot change max login attempts (10.4 Server)
- Subject: Re: [Fed-Talk] cannot change max login attempts (10.4 Server)
- From: email@hidden
- Date: Thu, 30 Sep 2010 13:39:08 -0400
While I can't address the reason that Rob is using 10.4, my personal
experience was that 10.5 was substantially slower on my PPC laptop than
104. After upgrading, I partially regretted it despite the additional
features, due to the slow down.
Joe
From: "Link, Peter R." <email@hidden>
To: "email@hidden" <email@hidden>
Cc: Fed Talk <email@hidden>
Date: 09/30/2010 13:32
Subject: Re: [Fed-Talk] cannot change max login attempts (10.4 Server)
I'm not sure this ever really worked under 10.4. I know many of the
arguments to the pwpolicy command weren't implemented this far back
(except maybe in the server).
Why are you still running 10.4? 10.5 can run on PPC hardware, if that's
what you're running, and has a lot of these commands updated.
On Sep 30, 2010, at 10:24 AM, Valentine, Ruth Ann B. wrote:
> I have had varying success with pwpolicy. Sometimes it works,
sometimes it doesn't...... depends on the weather, I think. I noticed
that you are not specifiying a -n (node). That may be it.
>
> Ruth Ann Valentine
> The MITRE Corp.
> email@hidden
>
> -----Original Message-----
> From: fed-talk-bounces+ruthann=email@hidden [
mailto:fed-talk-bounces+ruthann=email@hidden] On Behalf Of
email@hidden
> Sent: Thursday, September 30, 2010 12:36 PM
> To: email@hidden
> Subject: [Fed-Talk] cannot change max login attempts (10.4 Server)
>
>
> I'm trying to set the maximum number of login attempts on my 10.4
server. I'm using a OD Master configuration.
>
> I entered the following command:
>
> # sudo pwpolicy -a diradmin -setglobalpolicy "usingHistory=12
canModifyPasswordforSelf=1 usingExpirationDate=0
usingHardExpirationDate=0 requiresAlpha=1 requiresNumeric=1
expirationDateGMT=12/31/69 hardExpireDateGMT=12/31/69
maxMinutesUntilChangePassword=86400 maxMinutesUntilDisabled=0
maxMinutesOfNonUse=86400 maxFailedLoginAttempts=5 minChars=12 maxChars=0
passwordCannotBeName=1 requiresMixedCase=1 requiresSymbol=1
newPasswordRequired=0 minutesUntilFailedLoginReset=15
notGuessablePattern=1"
>
> Everything seemed to be set correctly except for the
"maxFailedLoginAttempts=5" part. The policy still reads:
>
> # pwpolicy -getglobalpolicy
> [...] maxFailedLoginAttempts=0 [...]
>
> I also tried using the Server Admin GUI under Open Directory, Policy,
Passwords. I can check the box for the max login attempts and enter a
number. After I click "Save" it reverts to unchecked and a gray, and
"pwpolicy" still reports maxFailedLoginAttempts=0
>
> Is this a known bug or limitation in 10.4, or am I doing something
wrong?
>
> --
> Rob
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
>
> This email sent to email@hidden
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
>
> This email sent to email@hidden
>
Peter Link
Cyber Security Analyst
Cyber Security Program
Lawrence Livermore National Laboratory
PO Box 808, L-315
Livermore, CA 94550
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden