Password aging for local accounts.

Support for security such as Firewalls and securing linux
Post Reply
Posts: 24
Joined: 2013/03/08 15:07:48

Password aging for local accounts.

Post by jxfish2 » 2020/09/25 20:02:22

To whom it may concern,

We are using single sign-on via Active Directory (AD).

AD has password aging set for each of those users and groups connecting to our Linux servers.

But, on a few of our servers, we have isolated local UserID's configured.

I know that I can set password aging for each of these specific accounts, individually.

But, our corporate security department wants to set password aging for ALL locally created users on our servers, via /etc/login.defs.

I need to know if we configure /etc/login.defs to handle password aging on the local servers, will that affect the users who login via Active Directory credential.

Will setting a servers default password aging parameters inside of /etc/login.defs interfere, or conflict with Active Directory?

As we may only have a few one-off local user accounts, I would almost prefer to set them manually, individually, per userID.

But, our security team is worried that we might miss something, if a new local userID is created, and we are not on top of it.

Again, would setting a servers default password aging via the /etc/login.defs file conflict or interfere with Active Directory users on our servers?

Post Reply

Return to “CentOS 7 - Security Support”