Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [password-management]

Procedures, policies and constraints on password entry, lifetime, change, strength, and storage. An essential part of access management, together with policies on other forms of authentication.

154 questions
4
votes
2 answers

Can I set up application specific passwords on Ubuntu?

I've got a Ubuntu virtual server that I use for webhosting and other stuff. I've been thinking about moving mail onto it, but I'd like to secure it more against the threat of losing my smartphone. Google has 2 step verification systems that allow…
jldugger
  • 14,122
  • 19
  • 73
  • 129
4
votes
3 answers

how can i configure active directory to make passwords expire at midnight?

When a user changes his password, it's typically sometime during the day. This means that a password expiration date set to last change + n days will result in the password expiring during the day. How can I force the passwords to expire at midnight…
anonymous
  • 41
  • 1
  • 1
  • 2
4
votes
3 answers

Central password storage tool that multiple users can access with privilege levels

Working in web development I am in charge of a large array of passwords for various servers, CMSs, etc, etc. At the moment these are stored on paper in a safe, which is cumbersome and an enormous list. Often my colleagues will also need access to…
Treffynnon
  • 249
  • 4
  • 12
4
votes
2 answers

Enforcing that passwords contain a certain mixture of characters on Red Hat Linux or CentOS

On Red Hat Linux or CentOS, how can one enforce that passwords consist of a mixture of alphabetical and numerical or special characters?
Mike Barnett
3
votes
2 answers

Lock user account in LDAP (without using ppolicy)

In this answer, is was suggested that the UNIX way of adding a ! in front of the password field would work. I claim that this is not a clean solution. It will not make logins impossible, but merely it changes the password to the literal content of…
Lasse Kliemann
  • 318
  • 2
  • 9
3
votes
10 answers

Steps to take to protect against the "unthinkable"

We have two sysadmins who know the passwords to all our systems. If the "unthinkable" happened (AKA "they both went under a bus") there is currently no way for the remaining team members to obtain administrator access to the systems. What steps or…
jwaddell
  • 133
  • 4
3
votes
1 answer

Allow self password change using LDAP(s) with Samba4

I am trying to create a webapp to allow users to change their own passwords in Samba4 (perhaps, also in AD), using LDAP(s). But when I try to modify the user password using this code: dn: ........ changetype: modify replace: unicodePwd unicodePwd:…
okelet
  • 161
  • 5
3
votes
3 answers

How to allow a group to change user passwords?

I have the following openldap server configuration: access to attrs=userPassword by self write by anonymous auth by set="[cn=users,ou=Group,dc=my-company,dc=de]/memberUid & user/uid" write by * none # Allow everybody adding and…
Tim Büthe
  • 342
  • 2
  • 5
  • 16
3
votes
1 answer

Forcing a password change on OpenBSD

On OpenBSD 5.6 I need to provision a number of user accounts with default passwords. I would like users, upon their first SSH login, to be forced to change their passwords from the default. On CentOS and Debian I can do this using chage -d 0…
J.C.
  • 131
  • 5
3
votes
1 answer

The ipmitool conundrum

We have been trying to migrate to a better password management system on our server. The problem was that all this days we were using a proprietary algorithm to create a hash (a decryptable hash). In keeping with advances in Linux, we have decided…
Arpith
  • 274
  • 6
  • 17
3
votes
2 answers

Developing a Password Sync Plugin for Active Directory

Recently i came across through password sync plug-ins provided by many identity management provider vendors (Tivoli, Oracle, CA) they provide a password sync plug-in which we will install on every active directory domain controller. Then we will…
Dungeon Hunter
  • 221
  • 1
  • 4
  • 16
3
votes
3 answers

Lock Workstation Glitch? (AD/Windows XP)

I was playing with a lab setup recently (Windows 2003 R2 x32 SP2, Windows XP SP3, Active Directory) and noticed that if I locked the workstation, the following strange behaviour appeared: I have a lockout policy that says that an account is locked…
Adam Brand
  • 6,057
  • 2
  • 28
  • 40
3
votes
2 answers

Centralised Password Management Software

Currently, the company I work for has nothing in the way of password management - everything is in a big excel spreadsheet that everyone has access to. Obviously this has a whole rash of issues attached to it, namely: Staff have access to passwords…
LiamW
  • 33
  • 3
3
votes
2 answers

Centrally managing logins to lots of linux machines

We have a growing collection of servers, both physical and virtual, which we need to login into. Login is usually with SSH, using an RSA key pair rather than a password (which is switched off in SSH settings). Right now we're setting our passwords…
Marcus Downing
  • 778
  • 10
  • 18
3
votes
4 answers

Password expiration notice for Active Directory

Are there any tools/apps/scripts out there that will do password expiry notification for Windows 2008 Active Directory credentials? This is needed for our web apps that use Active Directory for LDAP authentication. The problem is those apps do not…
keithosu
  • 336
  • 2
  • 15
1 2 3
10 11