http://communities.vmware.com/community/vmtn/general/security?view=discussions Most recent forum messages en Tue, 30 Jun 2009 12:47:59 GMT Clearspace 1.10.12 (http://jivesoftware.com/products/clearspace/) 2009-06-30T12:47:59Z en http://communities.vmware.com/message/1298600?tstart=0#1298600 Hello,<br /> <br /> Moved to the Security forum.<br /> <br /> You need to use different controls within your LDAP server. However you can use pam_tally.so and pam_cracklib.so to improve your local security for passwords.. <br /> <br /> One option is:<br /> <br /> <pre class="jive-pre"><code class="jive-code jive-plain">esxcfg-auth --usecrack=3 14 2 2 2 2 </code></pre><br /> <br /> First entry is '3' retries for a password attempt.<br /> <br /> <br>Best regards, <br /> Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009, <a class="jive-link-external" href="http://www.virtualizationpractice.com">Virtualization Practice Analyst</a><br>Now Available: <a class="jive-link-external" href="http://www.astroarch.com/wiki/index.php/VMware_Virtual_Infrastructure_Security">'VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment'</a><br>Also available <a class="jive-link-external" href="http://www.astroarch.com/wiki/index.php/VMWare_ESX_Server_in_the_Enterprise">'VMWare ESX Server in the Enterprise'</a><br><a class="jive-link-external" href="http://www.astroarch.com/wiki/index.php/Blog_Roll">SearchVMware Pro</a>|<a class="jive-link-external" href="http://www.astroarch.com/blog">Blue Gears</a>|<a class="jive-link-external" href="http://www.astroarch.com/wiki/index.php/Top_Virtualization_Security_Links">Top Virtualization Security Links</a>|<a class="jive-link-external" href="http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast">Virtualization Security Round Table Podcast</a> Tue, 30 Jun 2009 12:47:59 GMT Texiwill http://communities.vmware.com/message/1298600?tstart=0#1298600 2009-06-30T12:47:59Z 4 months, 3 weeks ago http://communities.vmware.com/message/1288551?tstart=0#1288551 I do not have if this control exist in the pam_ldap version with ESX 3.5.<br /> <br /> But you can apply this control on your LDAP server.<br /> During password change, the backend will reject the password.<br /> <br /> Andre Thu, 18 Jun 2009 18:37:37 GMT AndreTheGiant http://communities.vmware.com/message/1288551?tstart=0#1288551 2009-06-18T18:37:37Z 5 months, 1 week ago 1 http://communities.vmware.com/message/1288453?tstart=0#1288453 <br /> Howdy,<br /> <p /> ESX v3.5 can use LDAP for authentication - so far so good. I have a requriement to maintain "password minimum difference = 3" Does ESX server have this setting?<br /> <p /> Thank you in advance,<br /> <p /> Bill Burke Thu, 18 Jun 2009 17:26:01 GMT btrcmptr http://communities.vmware.com/message/1288453?tstart=0#1288453 2009-06-18T17:26:01Z 5 months, 1 week ago 2