Open SUSE 11 Account Lock Out After 'X' Attempts

OK, I’m not really a newbie, but I definitely no expert either. I’ve been surfing the web trying to find a good tutorial on locking out users after three failed logon attempts. At present I’ve reset everything in the /etc/pam.d directory back to the default state. What I have accomplished so far:

pam-config -d --pwcheck
pam-config -a --cracklib
pam-config -a --cracklib-minlen=14
pam-config -a --cracklib-lcredit=-1
pam-config -a --cracklib-ucredit=-1
pam-config -a --cracklib-dcredit=-2
pam-config -a --cracklib-ocredit=-2
pam-config -a --pwhistory
pam-config -a --pwhistory-remember=5

This sets up all my password requirements and this works. Now I need to crack getting the account to lockout after three failed attempts. Let me know what files you need to see in the pam.d directory and I’ll paste them in. Any help you can give me would be greatly appreciated!

Okay - I guess I’m getting smarter…I solved my own problem and here is the solution for anyone who has the same issue:

Platform: Open SUSE 11

Modify the /etc/pam.d/login file to reflect:

auth required pam_tally2.so onerr=fail no_magic_root
account required pam_tally2.so per_user deny=3 no_magic_root reset

In order to make this work, you need to put these two entries at the very top (directly underneath the first comment) in the /etc/pam.d/login file or it won’t work.