[Cialug] Sarbanes-Oxley related issues
Barry Von Ahsen
barry at vonahsen.com
Thu Aug 18 15:20:27 CDT 2005
Yea for government mandated busywork!
I've gotten nearly everything done except two (pam can do a lot, I'm not
surprised, but I'd never needed to check):
User must change password on initial login - I could write a script to
set chage to 1 if they haven't logged in, and to $max_pass_age after,
but is there a better way?
and
Disable user accounts after 30 days idle - I have chage -m 0 -M 65 -I 5
<user> which will disable an account 5 days after the password expires,
which is close enough for me, but probably not for the SEC
anybody else gone through this joy?
-barry
More information about the Cialug
mailing list