AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
 View Only

  • 1.  Criterias for account getting locked

    Posted Wed June 23, 2010 09:32 AM

    Originally posted by: SystemAdmin


    Hi, what are the different possible criterias for unix user account getting locked in AIX?

    From the system logs, it looks like multiple login attempts with incorrect password is not the only reason for account getting locked. Meaning, even if the log shows a few successful login attempts and zero unsuccessful login attempts, the account still gets locked.

    Excerpt from log: (grep -v "Failed none for invalid user" | grep -v "failed login attempt" | grep -v "Failed password for invalid user)
    Jun 18 16:50:02 mytestserver auth|security:info sshd884972: Login restricted for myuser: 3004-303 There have been too many unsuccessful login attempts;
    please see \tthe system administrator.
    Jun 18 17:04:44 mytestserver auth|security:info sshd716870: Accepted password for myuser from xx.xx.xx.xx port 2753 ssh2
    Jun 18 17:05:28 mytestserver auth|security:info sshd958718: Accepted password for myuser from xx.xx.xx.xx port 1375 ssh2
    Jun 18 17:11:24 mytestserver auth|security:info sshd1363968: Accepted password for myuser from xx.xx.xx.xx port 1291 ssh2
    Jun 18 17:13:47 mytestserver auth|security:info sshd1269902: Accepted password for myuser from xx.xx.xx.xx port 3605 ssh2
    Jun 18 17:18:34 mytestserver auth|security:info sshd1269920: Accepted password for myuser from xx.xx.xx.xx port 3162 ssh2
    Jun 18 17:18:53 mytestserver auth|security:info sshd786586: Accepted password for myuser from xx.xx.xx.xx port 1398 ssh2
    Jun 18 17:19:09 mytestserver auth|security:info sshd721044: Accepted password for myuser from xx.xx.xx.xx port 3173 ssh2
    Jun 18 18:46:50 mytestserver auth|security:info sshd1413280: Login restricted for myuser: 3004-303 There have been too many unsuccessful login attempts;
    please see \tthe system administrator.
    #AIX-Forum


  • 2.  Re: Criterias for account getting locked

    Posted Wed June 23, 2010 11:42 AM

    Originally posted by: shargus


    Do a lsuser -f myuser and see what unsuccessful_login_count says. If it's greater than loginretries, the account gets locked.

    I'm guessing something is trying to log in using some other means besides ssh.
    #AIX-Forum


  • 3.  Re: Criterias for account getting locked

    Posted Thu June 24, 2010 02:58 AM

    Originally posted by: SystemAdmin


    Here is the output of lsuser:

    $ lsuser -f myuser
    myuser:
    id=209
    pgrp=app
    groups=app,staff
    home=/home/myuser
    shell=/usr/bin/ksh
    gecos=744/I/064867//Ankit Doshi,123456,ABC,REQ123456
    roles=

    $
    #AIX-Forum


  • 4.  Re: Criterias for account getting locked

    Posted Wed July 18, 2012 10:10 PM

    Originally posted by: JonoP


    HI there,

    to be able to see the "unsuccessful_login_count" and the "loginretries" you need to be logged on as root when you run the

    "lsuser -f myuser" command.

    Thanks Jono.
    #AIX-Forum


Related Content