I setup the system_auth file to lock / deny accounts after 3 failed attempts. Accounts now lock after failed attempts but I can not unlock them. I tried to use the command faillog -u testuser -r but the response is the cursor just drops to the next screen.

Am I typing the correct command entry or is there a GUI interface? When I viewed the account under Users and Groups utility nothing is checked as locked or disabled.

Any help would be appreciated. A million thanks
John

Check out the man page for passwd. I think you're looking for:

passwd -u <user name>

After I posted my question I went back and found that yep, - u passwd "username" was the trick. Thanks. What I also found out that the problem I had was not so a simple locking themselves and me unlocking their account. Previous to the problem I edited the /etc/pam.d/system-auth file so user who failed to login directly to the system properly with the correct password 3 times would have their local account locked. The changes I made worked but when I performed the command -u passwd command it appeared to work but the users still got the "Authentication Failed" after typing in the correct password. I went back to the /etc/pam.d/system-auth file, with root, and removed the changes and users could login. I found another site that swears there comment would work but before I make the same mistake twice what do you think of the lines below?

auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root

account required /lib/security/$ISA/pam_tally.so per_user deny=5 no_magic_root reset