How To Avoid Locking Local Accounts When Using the PAM "pam_tally" Plug-in
(Doc ID 1967351.1)
Last updated on JUNE 09, 2020
Applies to:Linux OS - Version Oracle Linux 5.0 to Oracle Linux 7.8 with Unbreakable Enterprise Kernel [4.14.35] [Release OL5 to OL7U8]
Oracle Cloud Infrastructure - Version N/A and later
This document describes how to avoid locking local accounts from pam_tally.
1.Please test on test environment before applying any changes to a production system as a misconfigured PAM might block all account logins.
2. The below examples assume changes will be applied system-wide by editing /etc/pam.d/system-auth. Exceptions could also be deployed on a service-by-service basis by editing the service-specific configurfation file, e.g. only for sshd /etc/pam.d/sshd.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|EXAMPLE 1 - Avoid Blocking An Indivitual Account|
EXAMPLE 2 -Avoid Blocking the Members of a Group