Changing Password Complexity in Solaris 10 6-06
I'm trying to change the password complexity so that my passwords don't require a numeric or special character in the first six characters of a password, the smc console when adding users seems to ignore any change I make in /etc/default/passwd even after rebooting, I can live with in the first 8 but not 6 , any help will be appreciated.TIA
My mistake!! Excuse me!! :-)
# rmformat
Looking for devices...
1. Logical Node: /dev/rdsk/c0t0d0p0
Physical Node: /pci@0,0/pci-ide@1f,1/ide@0/sd@0,0
Connected Device: HL-DT-ST DVD-ROM GDR8163B 0D20
Device Type: DVD Reader
2. Logical Node: /dev/rdsk/c3t0d0p0
Physical Node: /pci@0,0/pci1028,179@1d,7/storage@5/disk@0,0
Connected Device: JetFlash TS128MJF2A 1.00
Device Type: Removable
# mount -F pcfs /dev/dsk/c3t0d0p0:c /rmdisk/
# mount
/rmdisk on /dev/dsk/c3t0d0p0:c read/write/setuid/devices/nohidden/nofoldcase/dev=d81090 on lun nov 27 16:52:03 2006
# df -h
/dev/dsk/c3t0d0p0:c 120M 3,6M 116M 4% /rmdisk
Now I'm able to access the pendrive, hooray :-))
Finally, curious question: what's the ":c" in the device ??
Thank you very much!!
Mensaje editado por:
ibantxuyn
Similar Messages
-
Password complexity not taking effect in solaris 10 u9
Hi,
I am testing the password complexity in solaris 10 u9 machine, But what ever parameters i gave for password parameters, like password length, username check etc, in /etc/default/passwd file , those are not getting affected
Then i replaced the /usr/lib/security/pam_authtok_check.so.1 with the u10 version and tried changing the passwd of one user, it was working fine, with u6 /usr/lib/security/pam_authtok_check.so.1 also it was working fine,
Is it an OS bug..? if so, what is the fix..?Hi,
You can use Profilemanager in Mountain Lion to manage clients and set presets per client or user. It's inside the server.app for ios en osx as well
Are your clients running mountain lion? Otherwise download workgroupmanager for mountain lion and see whether that will work for your environment.
Let me know!
Jeffrey -
Hello.
in Solaris 10 i need auditing process create, delete, privilege escalation, set and change password and etc... from users account and group.
I set settings:
in file syslog.conf:
*.info;mail.none;cron.none;audit.notice @IP-Remote-syslog-server-SIEM
in file /etc/security/audit_control:
dir:/var/audit
flags:lo,ad,ex,cc,am,no,fc,fd
minfree:20
naflags:lo
plugin:name=audit_syslog.so;p_flags=lo,ad,ex,cc,am,no
in file /etc/security/audit_user:
root:lo,ad:no
Now I see in the logs only the fact of a connection via SSH and run processes on behalf of users. Creation. delete users, change passwords for some reason do not is logged.
Many users. For each individual write permissions in the file /etc/security/audit_user not possible, it is likely to forget any new user (or there is a possibility in this file one line to describe the audits for all accounts?)
Where is the mistake?You are most likely hitting Bug 15779000 user/role/groupadd/mod/del don't audit their use.
And the fix is only available in S11.2.
-- Renaud -
Windows 8.1 Password Complexity issue
Hi All,
We are running an AD Domain based on Server 2008 R2 and all of our Clients are Windows 8.1 with all of the latest security patches installed (last WSUS updates at 10-09-14)
I am having an issues getting the Password must meet complexity requirements
setting to work.
I have applied it both at the Default Domain Policy Level and created another GPO that specifically Enables this option but it still won't work, the strange thing is that all the other password policy settings are working just fine.
When running rsop.msc on my machine I can verify that the GPO settings have applied and the password complexity requirement is set to Enabled.
As I mentioned before, the Password length requirement is working, I tried changing my password to cat and got the message that it did not meet requirements but i could change it to catcat which obviously doesn't meet password complexity requirements but
does meet the 6 character length minimum that we have set.
The even stranger thing is that this was working about 2 weeks ago when we first enabled it, I tested it and all was working as it should so does anyone know if any of this months Windows or Server updates that come down in WSUS have broken or changed the
way this setting worked?
*** I tried to post some pictures to show what i have set but i get the message Body text cannot contain images or links until we are able to verify your account so apologies for the lack of images showing what i have done.Am 07.10.2014 um 04:10 schrieb "Ali McMillan":
> When running rsop.msc on my machine I can verify that the GPO settings
> have applied and the password complexity requirement is set to Enabled.
To check PW policies in a domain, run rsop on the PDC emulator. That's
the only domain controller in the domain that will apply password
policies to doimain accounts.
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :)) -
How to disable change password in finder while connecting to a network computer?
Hi folks,
I'd like to disable the Change Password option that shows when I want to connect into a network computer:
- Both users (client and server) are already running with parental controls set to "prevent(s) the user from changing their password in the Users & Groups preference pane".
Thanks in advance.Hi,
I am also facing the same issue and I am not able to su to root user as the password is expired. and the user I am currently logged in does not have permission to change the root password. I just want to know how I can change the root password now? I am connected to my SPARC Solaris 10 T1000 server through hyperterminal.
The worst thing is that, I do not have IP to the server through which I can try ssh to the server and change the password. Please let me know the solution if you know.
Thanks in advance. -
Reg; password reset in solaris
Hi,
Can anyone help me to reset one of my login password in solaris server .
Actually, my password got expired and unix team has reset the password based on my request.Thereafter they have warned me to chnage the password using password -r, but I am unable to do so.
Can any one help me in giving the complete command.
I have tried twice in two ways, but no use --
1) passwd -r username
2)passwd -r existingpasswd
But both the ways, No luck.
can anyone share the exact coomand.please
With regards,
SriniHi,
I dont have root password.
I have tried both ways, noluck
sd1db01:oradb$ passwd oradb
passwd: Unsupported nsswitch entry for "passwd:". Use "-r repository ".
Unexpected failure. Password file/table unchanged.
sd1db01:oradb$ passwd
passwd: Changing password for oradb
passwd: Unsupported nsswitch entry for "passwd:". Use "-r repository ".
Unexpected failure. Password file/table unchanged.
sd1db01:oradb$
With Regards,
Srini -
Will remote users be impacted by password complexity in AD?
How does Password Complexity affect remote user once the password has expired? When they attempt to
connect via Windows 7 Remote Desktop Connection to our shared drives, they will get the notification but how to change it since the machine is not connected to the domain? Since we also use MS Exchange, I read one workaround was to change the password via
the Exchange Webmail. Would that be accurate? Thanks!Hi
We have just rolled out a new MDM platform which uses Active Sync in our Exchange 2010 environment. We've had a number of issues when users change their AD password on their desktop computer.
The most alarming one however is some users are experiencing delays of over a week before their phone prompts them to update their e-mail account password to match their new AD password.
I understand from the research I've done that Exchange Active Sync is designed in this manner, such that it holds the session keys open for up to 24 hours, but usually resets within an hour or two, so that the old and new passwords are both accepted for
a short time.
But a week is excessive. In fact, I had one user who was NEVER prompted to update their password, and was still receiving e-mail 9 days after changing their AD pass. As a test, I did an IISRESET on both our Exchange CAS-role servers, and his phone immediately
prompted him to update his pass and denied email delivery until he did so.
Clearly there is something wrong with our IIS configuration, this can't be by design, can it? Are there some specific settings in IIS that is causing the sessions to stay open for weeks? Or do I need to setup a scheduled task to reset IIS every 8 hours (that
seems a tad ridiculous). This must be a security concern?
Same issue before you starting using the MDM product?
Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied. -
AIP-SSM20:Can't change password -- Please help
I reset the password using hw-module command. But now I can't change the default password of cisco. it is rejecting any password combination i tried, uppercase, lower case, numbers, and non-alphanumerics. It is probably the password requrement policy I put in before. How can I get around this or restore default confiration?
thank you.
login: cisco
Password:
You are required to change your password immediately (password aged)
Changing password for cisco
(current) password:
New password:
BAD PASSWORD: is too simple
New password:
BAD PASSWORD: is too simple
New password:
Mod Card Type Model Serial No.
1 ASA 5500 Series Security Services Module-20 ASA-SSM-20 JAF1204AQHT
Mod MAC Address Range Hw Version Fw Version Sw Version
1 001e.7a36.7aba to 001e.7a36.7aba 1.0 1.0(11)2 7.0(5a)E4
Mod SSM Application Name Status SSM Application Version
1 IPS Up 7.0(5a)E4
Mod Status Data Plane Status Compatibility
1 Up UpI got it. It took a 24 character long complex passowrd. When Ifinelly got in, I checked password requirement . All the settings were to the defaults. it suprise me quite.
thank you Mohammad. -
Hello all,
I have a problem that I can't find the solution to. I have found others with the same problem but the answers provided to them were not the exact situation I am in currently. Please read all the text and see if you can answer this...
I downloaded a copy of Windows Server 2012 R2. I am installing it on a stand alone PRE OWNED server which is a Dell R900 quad quad core server with 16gb ram and 500gb drive. The drive has been initialized and configured perfectly and windows server has been
loaded.
Upon the start of it, the screen appears that tells you to change your password for the admin account. Upon putting ANY (and I do mean ANY) password in there regardless of the complexity, the machine comes back with ..." The password you typed does
not meet the password complexity requirements set by the administrator for your network or group. Get the requirements from your administrator, and then type a new password."
I have tried new drives with no luck, I have tried everything that one can try on this (except the right thing of course). My guess is that the machine retained some crazy complex password file and stored it in an EEprom on board. If this was a factory fresh
machine, I would guess that this wouldn't be an issue as there was no file created yet that the machine is running it's scripted denial from. So... Does anyone have the exact method for eradicating this file or changing the domain controller or file that
controls this complexity problem WITHOUT HAVING TO LOG INTO THE MACHINE since as I said, you can't log into it. I even tried to go in through Linux to find the password in the SAM and since it's a new copy of windows, and there is no passwords in there, it
couldn't find the file since the admin acct wasn't set up yet (but that domain controller is working it's butt off and keeping me out I tell ya! lol)
Any help would be appreciated more than you know! ...ScottHello Phillip,
Thanks for the reply! Yes, the drive was put in the machine with no other drives (500gb SAS) and installed/initialized without incident. The DVD was put in the DVD drive and the OS was installed on the machine. As the machine starts up again after
install (reboots) the text comes up that says that you have to change the password on the administrator account due to this being the first install of the OS. I put in a password, and then put it in again, then get the statement about the password being entered
doesn't meet the complexity level set on the domain controller and to contact the admin of the network. I then looked up what that was referring to and used a series of passwords that should have worked as they matched the exact complexity that windows stated
in their tech knowledge base. Such as ... P@ssw0rd and another like Pass\/\/0rd!! as well as quite a few others with various names and symbols. Each time meeting or exceeding the 8 chars with upper and lower case with symbols
present. Each and every time that complexity statement in yellow comes up.
I tried changing and initializing 2 more disks and downloading another copy of windows server 2012 R2 and tried it all again. Still the exact same thing. I have never seen anything like this before. I have installed windows server 2003 and 2008 in the past
many times without errors like this but this one really has me beat as to what is wrong.
I read a tidbit on a way to go to DOS and take some files from the DVD and copy them to certain locations on the drive the OS is installed on. That is supposed to write over the files that provide the complexity issues but where ever I saw it, they didn't
go into detail as to what exactly to do. I know others have had the same problem in the past but every answer I can see either doesn't address the question or provides the wrong answer altogether.
That's why I am posting here in a last ditch effort to save this project since the same exact problem is happening when I tried to install windows server 2008 R2 as well. I thought I may be able to just go with 2008 and get that running without the issue
but when I wipe the drives completely, and reinstall onto the drive the 2008 version, the exact same thing comes up.
If you have a solution, I would love to hear it! Thanks again...Scott -
Users Cannot Change Passwords on a Server 2012 R2 RDS Farm
Hello I have a Server 2012 R2 RDS Farm consisting of 1 server that has connection broker and gateway configured and 4 RDS Session Hosts. The works great I even have a separate remote app farm to distribute the apps to the servers, my main issue is passwords
and the lack of the EU ability to change these, listed below are my symptoms.
Users password has expired denied logon instantly with no ability to change password.
User tries to change password whilst in 30 day warning period using ctrl alt end the user is advised the password does not meet complexity requirements I have checked this and they do meet them.
Expired passwords can be changed via the RDWeb site however this is not an option for us.
ChrisHi,
Firstly, based on my knowledge, remote users may have to change their passwords before expired. If not, they have to use OWA or logon on locally to change their passwords.
Regarding the issue, please let us know if the following policies are enabled in your domain.
Enforce password history
Minimum password age
Also, does a local domain user have the same issue?
Thanks.
Jeremy Wu
TechNet Community Support -
How to disable password complexity
Ok, I have XE 10g installed with Apex 4.1 ...
The windows 2008 R2 server has Password Complexity Policy Disabled....
How do I disable Password Complexity in the Oracle Apex 4.1 it asking me to
change the admin password on initial loggin after I just changed in SQLPLUS ...
Another Great New Feature... I can see I'm never going to be able to upgrade pass 10g and 4.02 at
this rate....
Thank you....See:
http://docs.oracle.com/cd/E23903_01/doc/doc.41/e21678/adm_mg_service_set.htm#AEADM204
The first time you have to set a complex password. After changing the settings, you can change it to a simple password. -
How to disable password complexity via command
hello
i have spent hours searching to find a command or script (powershell, cmd, VB, registry...) to disable group policy password complexity. few solutions has been delivered on the net but none of them works.
i wonder how what a pity if we can't do such simple thing in Microsoft windows
i really need that because i have created a script which contains many lines which automates windows customization which i always need in my classrooms for testing & teaching purposes
thanks in advancedThe answer is in your question: group policy password complexity. http://technet.microsoft.com/en-us/library/cc875814.aspx#ECAA
On a non-domain joined pc, this is governed by local policy.
Note that if your domain is on functional level 2008 or up, you can use fine grained password policies to have a different password policy on the systems your are deploying. http://technet.microsoft.com/en-us/library/cc770394(v=ws.10).aspx
There
is no (supported) way to change the password policy applied to a computer. That is intended in the design because password complexity is one of the keys to protect against bruteforce attacks.
Why wouldn't your script be able to handle password complexity rules? I would recommend tackling this in
your script, not in password policy.
MCP/MCSA/MCTS/MCITP
hi SenneVL
i don't understand your sentence: "Why wouldn't your script be able to handle
password complexity rules? I would recommend tackling this in your script, not in password policy."
i exactly need a way to disable password complexity via an script. what script can do that
? as far as i searched, no script -
How to disable password complexity rules at application express 4.2 installation?
Please, provide me how to disable password complexity rules at application express 4.2 installation.
Best Regards,
MoustafaAccording to the manual you need to check "Configuring Password Protection" in Oracle Database Security Guide
In the security guide http://docs.oracle.com/cd/B28359_01/network.111/b28531.pdf, section 3-9/p61, you'll see you need to alter the script UTLPWDMG.SQL. You''l find the script in ORA_HOME/rdbms/admin.
You'll need to change the script to your own liking. -
Users Unable to Change Password
Small Business 2011 Standard with Windows 7 Pro workstations - all fully updated.
We have an issue where none of the users can change their passwords. They receive a message saying that the password
doesn't meet the length, complexity or history requirements of the domain.
I know (at least in my case) that the password hasn't been used before and there is no problem with the length
and complexity. I've even tried switching off the password policies in the SBS Console with no success.
Apart from the SBS Console is there anywhere else I should be looking that has a higher priority than the console?
TIAWe are using SBS 2008 (SP2), and we too are having this problem. Have done all the necessary GP changes. Have done gpupdate /force. As test user, I seem to be unable to change password at all (originally "minimum age" was 1 day, if that is somehow
still in force might explain why); my end user has waited longer than that, she reports she can change her password but never back to anything in her history (original default was, I think, 24 passwords, might explain).
While rsop on domain and clients/rdc shows:
Policy Policy Setting
Enforce password history 0 passwords remembered
Maximum password age 42 days
Minimum password age 0 days
Minimum password length 0 characters
Password must meet complexity requirements Disabled
Store passwords using reversible encryption Disabled
Anybody any ideas now??? :(
EDIT: Hmmm, net accounts /domain gives me:
Force user logoff how long after time expires?: Never
Minimum password age (days): 2
Maximum password age (days): Unlimited
Minimum password length: 0
Length of password history maintained: 24
Lockout threshold: 50
Lockout duration (minutes): 10
Lockout observation window (minutes): 10
Computer role: PRIMARY
The command completed successfully.
Those settings would explain my problem, then!
I can see that net accounts will allow me to alter this stuff, from the command-line, I guess that is what I need to do?
NET ACCOUNTS
[/FORCELOGOFF:{minutes | NO}]
[/MINPWLEN:length]
[/MAXPWAGE:{days | UNLIMITED}]
[/MINPWAGE:days]
[/UNIQUEPW:number]
[/DOMAIN] -
Adding a change password link in a custom portlet
Hi,
Does anyone know how to add a change password link in a custom portlet? the custom nav UI we have does not show the my account link, we want to hide this complexity for external users, but we still want them to be able to change their password.
I am expirimenting with using the following link, which seems to work fine, but was wondering if there was a more elegant way to do it using pt: tags?
<pt:transformer pt:fixurl="off" xmlns:pt='http://www.plumtree.com/xmlschemas/ptui/'/>Change]http://servername/portal/server.pt?space=ChangePassword&&control=EditorStart&editorType=10">ChangePassword</a><pt:transformer pt:fixurl="on" xmlns:pt='http://www.plumtree.com/xmlschemas/ptui/'/>
ThanksHrm... this does get ugly... This has come up a few times w/ our users as well, so I am definitely interested in seeing what can be done.
I don't see any sort of pre-built tag to let you access this directly. To your point, I only found the general account editing / access link - not one directly to password reset.
Couple of questions / notes
I tried your option and while it works, I'm concerned by the redirect back to the account page. That seems to violate your requirements on hiding the account options info. When the user hits finish / cancel they're taken to the main "My Account" page.Have you considered securing the other activity spaces so they're not visible from the "My Account" page? Then you could use the built-in tags. Not ideal, I know, but if you're going to be routed back to that screen anyway once you finish/cancel your password change...Have you considered just writing the password reset funtionality into your app? I did this a while back and it was actually pretty simple. Then you can have complete control over the behavior.How I wrote password reset...
You know the userid in this case, so things are MUCH easier (no need to search to find the specific user)Assumption: users are stored in the plumtree database auth sourceUse the native API (com.plumtree.server). I don't know if you need to impersonate a full admin or not... my code doesGet a handle on the userReset the password with the "SetPassword" methodStore the changeSemi-functional code below - note how you'd never want to store your admin userid / password in here like this (or have it blank...)
'//create an admin connection Dim ptAdminSession As IPTSession = New Session ptAdminSession.Connect("administrator", "", Nothing)
Dim sNewPassword As String = ""
'//start user impersonation Dim ptUserSessionTemp As IPTSession = ptAdminSession.ImpersonateUser(iUserID)
'//open the user for editing Dim oUser As IPTUser = ptAdminSession.GetUsers().Open(iUserID, True)
'//reset the password oUser.SetPassword(sNewPassword)
'//mungle with server context Dim mySC As IPTServerContext = oUser.GetInterfaces("IPTServerContext") mySC.Store() mySC.UnlockObject()
Maybe you are looking for
-
What do i buy to hook up my ibook....
what do i buy to hook up my ibook g4 into my tv using the A/V plug?? do i hook up the --(Apple Mini-DVI to Video Adapter) to my ibook then hook up the --(Apple AV Cable for iBook) to the adapter??.... thanks for the help...
-
What is the best standard SoundFont file for SB Audigy
There are 2 soundfont files come with the installation software. They are CT2MGM.SF2 and CT4MGM.SF2. CT2MGM.SF2 has a smaller file size (2 MB) but has a newer soundfont version (v 2.) while CT4MGM.SF2 has a larger file size (4 MB) but has an older so
-
Just upgraded to iPhone OS 3.1 NO apps launch
I just upgraded my 3GS to 3.1 and the only apps that run are the built-in ones: iPod, Mail, Phone, etc. 100% of my purchased apps fail to launch! I have more than 50 apps installed. Apps like Remote (made by Apple). I've tried hard rebooting the phon
-
I can´t connect to Oracle 8i with OBPM10.3: java.sql.SQLException java.sql.SQLException at fuego.connector.impl.DriverManagerHack.getConnection(DriverManagerHack.java:62) at fuego.connector.impl.BaseJDBCConnector.createJDBConnection(BaseJDB
-
Hi , I am trying to create a BDC for routing opertaions update . During recording for a Screen ( that has subscreens )i get this : BDC_SUBSCR SAPLCPDO 1210GENERAL. I wanted to know Is there a special way to populate the subscreen fields ? I jus