Failed Login Message - Sun DS5.2

[jaytco]

I have just configured my Sun DS 5.2 server (Solaris 10 11/06, DS 5.2 2005Q4). One of my requirements is to report to the user, in (both dtlogin via a console, and telnet, ssh via the session window) the last successful login information similar to the output from the 'last' command. I'm not sure if ldap will have that information or not, so the last command may work.

Ie “Last login: Fri Mar 30 13:53:31 2007 from 172.16.4.14”

Problem 2 is the unsuccessful attempts. I know that ldap keeps this information, so I need to figure out how to pull the data, and report it to the user.

Ie. "There have been 2 unsuccessful login attempts since your last login".

My thinking is that I can create/use a pam module to capture the failed login attempts from ldap. A couple obstacles that I see. One, I have never written a pam module, 2 I need to pull the data prior to it being reset in ldap (for the current successful login). Two, report it after the user has a session. No need in reporting the errors if the user failed to login again. Similar to reporting password expiration warnings. For dtlogin, it could be a popup or just an entry to /dev/console (as I have a permanent console window displayed on the desktop)

If you have any idea, it would be appreciated.

Thanks,
Jay