Date: Wed, 16 Jun 2010 13:00:07 -0500 From: "Kaydo" <kaydo@xxxxxxxx> To: "'General Red Hat Linux discussion list'" <redhat-list@xxxxxxxxxx> Subject: RE: Pam_Tally2 User Lockouts. (Kaydo) Message-ID: <69A317DF835840E0A6DC156A15EB249D@xxxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="US-ASCII" >Thank you for the response Peter but faillog is for the pam_tally module >and not pam_tally2. >- Kaydo The pam_tally2 utility can be used to unlock user accounts as follows: # /sbin/pam_tally2 --user username --reset Without the reset, it lists the failures. /sbin/pam_tally2 --user fubar Login Failures Latest failure From fubar 0 Peter -----Original Message----- From: Peter Shulkin Sent: Wednesday, June 16, 2010 1:19 PM To: 'redhat-list@xxxxxxxxxx' Subject: RE: Pam_Tally2 User Lockouts. (Kaydo) ---------------------------------------------------------------------- Message: 1 Date: Tue, 15 Jun 2010 15:15:59 -0500 From: "Kaydo" <kaydo@xxxxxxxx> To: "'General Red Hat Linux discussion list'" <redhat-list@xxxxxxxxxx> Subject: Pam_Tally2 User Lockouts. Message-ID: <FE71C7ADF9DF4916A0784165E03F187E@xxxxxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset="US-ASCII" >Hi, >I've configured user lockouts using the pam_tally2 module but I have a >question. Is there a command that I can run that will tell me whether a >user's account is locked out from this module or not? If I run passwd -S ><user> it doesn't say that the account is locked, I'm thinking this only >works if the account was locked using usermod -L. I know I can use >pam_tally2 command to see the failed login counts, but it would be great if >there were a command that would directly tell me if a user was locked out >due to this module. Anybody know of such a command? >Thanks guys, Of course, you know about the faillog program. Faillog -u userid tells you if that userid is locked out, and faillog -u userid -r resets the account. Check the man pages for more info. Peter ________________________________________________ >Kenrick Bramble, Systems Manager >Administrative Systems Dept | 713-348-8645 | <mailto:kaydo@xxxxxxxx> >kaydo@xxxxxxxx Rice University | 6100 Main Street | Houston, TX 77005 >"Never seem more learned than the people you are with. Wear your learning >like a pocket watch and keep it hidden. Do not pull it out to count the >hours, but give the time when you are asked." >-- Lord Chesterfield -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
