I haven't seen this come across before so HOPEFULLY its not in
the archives. ;)
According to the Security manual (3.2C) the default security
system logs failed logins in /var/adm/syslog.dated/<date>/auth.log
I have enhanced security enabled as well. I noticed it when some
users were complaining about accounts being locked, but when I
checked the auth log there was no failed login for that user. I tested
it myself, account will lock due to failure but there is no record
of it at all. I do get logs for failed su and root logins, however.
My guess is I have something NOT enabled or configured.
Help? :)
Melvin
Received on Fri Oct 25 1996 - 16:56:24 NZDT