diff --git a/docs/templates/template_reference.md b/docs/templates/template_reference.md
index e2d253e9467..7f36d09ecca 100644
--- a/docs/templates/template_reference.md
+++ b/docs/templates/template_reference.md
@@ -612,6 +612,30 @@ When the remediation is applied duplicate occurrences of `key` are removed.
     - **app** - optional. If not set the check will use the default text `The respective application or service`.
       If set, the `app` is used within sentences like: "`application` is configured correctly and configuration file exists"
 
+#### pam_account_password_faillock
+-   Checks if the pam_faillock is enabled in PAM and if the specified
+    parameter is correctly configured either in /etc/security/faillock.conf
+    or directly in /etc/pam.d/* files.
+
+    The allowed interval for the faillock parameter is defined by
+    template parameters `variable_lower_bound` and `variable_upper_bound`.
+    The boundaries are inclusive (lower <= parameter value <= upper) and
+    can be set as:
+    - `use_ext_variable`: use value in external XCCDF variable defined by `ext_variable`
+    - number: literal number
+    - undefined: no boundary
+
+-   Parameters:
+    -   **description** - Description of rule
+    -   **prm_name** - name of faillock parameter
+    -   **prm_regex_conf** - regex for faillock parameter in /etc/security/faillock.conf
+    -   **prm_regex_pamd** - regex for faillock parameter in /etc/pam.d/*
+    -   **variable_lower_bound** - lower boundary for allowed parameter value
+    -   **variable_upper_bound** - upper boundary for allowed parameter value
+    -   **ext_variable** - external XCCDG variable used to define interval boundaries and
+                           the value used in the remediation.
+
+
 #### pam_options
 -   Checks if the parameters or arguments of a given Linux-PAM (Pluggable
     Authentication Modules) module in a given PAM configuration file
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
index f18c0a14fec..52107ee4843 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
@@ -97,4 +97,4 @@ template:
     ext_variable: var_accounts_passwords_pam_faillock_deny
     description: Lockout account after failed login attempts.
     variable_upper_bound: use_ext_variable
-    variable_lower_bound: 0
+    variable_lower_bound: 1
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
deleted file mode 100644
index b3232cc93ec..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-# remediation = none
-
-SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-
-# This modification will break the integrity checks done by authselect.
-if ! $(grep -q "^[^#].*pam_pwhistory\.so.*remember=" $SYSTEM_AUTH_FILE); then
-	sed -i "/^password.*requisite.*pam_pwquality\.so/a password    requisite     pam_pwhistory.so" $SYSTEM_AUTH_FILE
-else
-   sed -i "s/\(.*pam_pwhistory\.so.*remember=\)[[:digit:]]\+\s\(.*\)/\1/g" $SYSTEM_AUTH_FILE
-fi
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_pam_files.pass.sh
deleted file mode 100644
index bbf97fa2ac0..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_pam_files.pass.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_deny=3
-
-authconfig --enablefaillock --faillockargs="deny=3" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_pam_files.fail.sh
deleted file mode 100644
index cb1ca930499..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_pam_files.fail.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_deny=3
-
-authconfig --enablefaillock --faillockargs="deny=5" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_pam_files.pass.sh
deleted file mode 100644
index 54729a3144b..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_pam_files.pass.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_deny=3
-
-authconfig --enablefaillock --faillockargs="deny=2" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_commented_values.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_commented_values.fail.sh
deleted file mode 100644
index 9b10313e9f8..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_commented_values.fail.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_deny=10
-
-source ubuntu_common.sh
-
-echo "#deny=1" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_common.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_common.sh
deleted file mode 100644
index 532926d2701..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_common.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-
-cat << EOF > /usr/share/pam-configs/faillock
-Name: Enable pam_faillock to deny access
-Default: yes
-Priority: 0
-Auth-Type: Primary
-Auth:
-    [default=die]                   pam_faillock.so authfail
-EOF
-
-cat << EOF > /usr/share/pam-configs/faillock_notify
-Name: Notify of failed login attempts and reset count upon success
-Default: yes
-Priority: 1024
-Auth-Type: Primary
-Auth:
-    requisite                       pam_faillock.so preauth
-Account-Type: Primary
-Account:
-    required                        pam_faillock.so
-EOF
-
-DEBIAN_FRONTEND=noninteractive pam-auth-update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_correct.pass.sh
deleted file mode 100644
index 6edc7e7af1f..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_correct.pass.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_deny=10
-
-source ubuntu_common.sh
-
-echo "deny=1" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_correct_pamd.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_correct_pamd.pass.sh
deleted file mode 100644
index f1d9a7266c5..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_correct_pamd.pass.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_deny=10
-
-cat << EOF > /usr/share/pam-configs/faillock
-Name: Enable pam_faillock to deny access
-Default: yes
-Priority: 0
-Auth-Type: Primary
-Auth:
-    [default=die]                   pam_faillock.so authfail deny=1
-EOF
-
-cat << EOF > /usr/share/pam-configs/faillock_notify
-Name: Notify of failed login attempts and reset count upon success
-Default: yes
-Priority: 1024
-Auth-Type: Primary
-Auth:
-    requisite                       pam_faillock.so preauth deny=1
-Account-Type: Primary
-Account:
-    required                        pam_faillock.so
-EOF
-
-DEBIAN_FRONTEND=noninteractive pam-auth-update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_missing_pamd.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_missing_pamd.fail.sh
deleted file mode 100644
index 3fbb16cdc5c..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_missing_pamd.fail.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_deny=10
-
-echo "deny=1" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_wrong_value.fail.sh
deleted file mode 100644
index b185d221714..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/ubuntu_wrong_value.fail.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_deny=10
-
-source ubuntu_common.sh
-
-echo "deny=999" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
deleted file mode 100644
index b3232cc93ec..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-# remediation = none
-
-SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-
-# This modification will break the integrity checks done by authselect.
-if ! $(grep -q "^[^#].*pam_pwhistory\.so.*remember=" $SYSTEM_AUTH_FILE); then
-	sed -i "/^password.*requisite.*pam_pwquality\.so/a password    requisite     pam_pwhistory.so" $SYSTEM_AUTH_FILE
-else
-   sed -i "s/\(.*pam_pwhistory\.so.*remember=\)[[:digit:]]\+\s\(.*\)/\1/g" $SYSTEM_AUTH_FILE
-fi
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
deleted file mode 100644
index 9a553893cbe..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-
-pam_files=("password-auth" "system-auth")
-
-authselect create-profile testingProfile --base-on minimal
-
-CUSTOM_PROFILE_DIR="/etc/authselect/custom/testingProfile"
-
-authselect select --force custom/testingProfile
-
-truncate -s 0 /etc/security/faillock.conf
-
-echo "fail_interval = 900" > /etc/security/faillock.conf
-
-{{{ bash_pam_faillock_enable() }}}
-
-for file in ${pam_files[@]}; do
-    if grep -qP "auth.*faillock\.so.*preauth" $CUSTOM_PROFILE_DIR/$file; then
-        sed -i "/^\s*auth.*faillock\.so.*preauth/ s/$/fail_interval=900/" \
-            "$CUSTOM_PROFILE_DIR/$file"
-    else 
-        sed -i "0,/^\s*auth.*/i auth required pam_faillock.so preauth fail_interval=900" \
-        "$CUSTOM_PROFILE_DIR/$file"
-    fi
-done
-
-authselect apply-changes
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
deleted file mode 100644
index 0b67e0e02af..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-# This test scenario simulates conflicting settings in pam and faillock.conf files.
-# It means that authselect is not properly configured and may have a unexpected behaviour. The
-# authselect integrity check will fail and the remediation will be aborted in order to preserve
-# intentional changes. In this case, an informative message will be shown in the remediation report.
-sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 fail_interval=900/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-> /etc/security/faillock.conf
-echo "fail_interval = 900" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
deleted file mode 100644
index 9d4320fbb4e..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_disabled.fail.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-# packages = authselect
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-if [ -f /usr/sbin/authconfig ]; then
-    authconfig --disablefaillock --update
-else
-    authselect select sssd --force
-    authselect disable-feature with-faillock
-fi
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
deleted file mode 100644
index 82bf9fa75bb..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-> /etc/security/faillock.conf
-echo "fail_interval = 900" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_pam_files.pass.sh
deleted file mode 100644
index 552078405cc..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_pam_files.pass.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authconfig --enablefaillock --faillockargs="fail_interval=900" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
deleted file mode 100644
index 74236e2fba7..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-> /etc/security/faillock.conf
-echo "fail_interval = 300" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_pam_files.fail.sh
deleted file mode 100644
index f1d331f5da1..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_pam_files.fail.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authconfig --enablefaillock --faillockargs="fail_interval=300" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
deleted file mode 100644
index ef2461160c2..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-# Ensure the parameters only in /etc/security/faillock.conf
-sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-> /etc/security/faillock.conf
-echo "fail_interval = 900" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
-
-# Multiple instances of pam_unix.so in auth section may, intentionally or not, interfere
-# in the expected behaviour of pam_faillock.so. Remediation does not solve this automatically
-# in order to preserve intentional changes.
-echo "auth        sufficient       pam_unix.so" >> /etc/pam.d/password-auth
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
deleted file mode 100644
index eaf164272ad..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authconfig --enablefaillock --faillockargs="fail_interval=900" --update
-
-# Multiple instances of pam_unix.so in auth section may, intentionally or not, interfere
-# in the expected behaviour of pam_faillock.so. Remediation does not solve this automatically
-# in order to preserve intentional changes.
-echo "auth        sufficient       pam_unix.so" >> /etc/pam.d/password-auth
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
deleted file mode 100644
index 30e04472962..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_not_required_pam_files.fail.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-# packages = authselect
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-# This test scenario manually modify the pam_faillock.so entries in auth section from
-# "required" to "sufficient". This makes pam_faillock.so behave differently than initially
-# intentioned. We catch this, but we can't safely remediate in an automated way.
-if [ -f /usr/sbin/authconfig ]; then
-    authconfig --enablefaillock --faillockargs="fail_interval=900" --update
-else
-    authselect select sssd --force
-    authselect enable-feature with-faillock
-    sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 fail_interval=900/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-fi
-sed -i --follow-symlinks 's/\(^\s*auth\s*\)\(\s.*\)\(pam_faillock\.so.*$\)/\1 sufficient \3/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-if [ -f /etc/security/faillock.conf ]; then
-    > /etc/security/faillock.conf
-fi
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
deleted file mode 100644
index c71a12afe36..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-> /etc/security/faillock.conf
-echo "fail_interval = 1200" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_pam_files.pass.sh
deleted file mode 100644
index 3697ba2b0d9..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_pam_files.pass.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_fail_interval=900
-
-authconfig --enablefaillock --faillockargs="fail_interval=1200" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_commented_values.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_commented_values.fail.sh
deleted file mode 100644
index a865d7efd18..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_commented_values.fail.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_fail_interval=800
-
-source ubuntu_common.sh
-
-echo "#fail_interval=900" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_common.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_common.sh
deleted file mode 100644
index 532926d2701..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_common.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-
-cat << EOF > /usr/share/pam-configs/faillock
-Name: Enable pam_faillock to deny access
-Default: yes
-Priority: 0
-Auth-Type: Primary
-Auth:
-    [default=die]                   pam_faillock.so authfail
-EOF
-
-cat << EOF > /usr/share/pam-configs/faillock_notify
-Name: Notify of failed login attempts and reset count upon success
-Default: yes
-Priority: 1024
-Auth-Type: Primary
-Auth:
-    requisite                       pam_faillock.so preauth
-Account-Type: Primary
-Account:
-    required                        pam_faillock.so
-EOF
-
-DEBIAN_FRONTEND=noninteractive pam-auth-update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_correct.pass.sh
deleted file mode 100644
index 0be3daea347..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_correct.pass.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_fail_interval=800
-
-source ubuntu_common.sh
-
-echo "fail_interval=900" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_correct_pamd.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_correct_pamd.pass.sh
deleted file mode 100644
index 7b43417e5f7..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_correct_pamd.pass.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_fail_interval=800
-
-cat << EOF > /usr/share/pam-configs/faillock
-Name: Enable pam_faillock to deny access
-Default: yes
-Priority: 0
-Auth-Type: Primary
-Auth:
-    [default=die]                   pam_faillock.so authfail fail_interval=900
-EOF
-
-cat << EOF > /usr/share/pam-configs/faillock_notify
-Name: Notify of failed login attempts and reset count upon success
-Default: yes
-Priority: 1024
-Auth-Type: Primary
-Auth:
-    requisite                       pam_faillock.so preauth fail_interval=900
-Account-Type: Primary
-Account:
-    required                        pam_faillock.so
-EOF
-
-DEBIAN_FRONTEND=noninteractive pam-auth-update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_missing_pamd.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_missing_pamd.fail.sh
deleted file mode 100644
index 1983fb4e6ff..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_missing_pamd.fail.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_fail_interval=800
-
-echo "fail_interval=900" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_wrong_value.fail.sh
deleted file mode 100644
index 88fc852a76c..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/ubuntu_wrong_value.fail.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_fail_interval=800
-
-source ubuntu_common.sh
-
-echo "fail_interval=100" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
deleted file mode 100644
index b3232cc93ec..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
-# remediation = none
-
-SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
-
-# This modification will break the integrity checks done by authselect.
-if ! $(grep -q "^[^#].*pam_pwhistory\.so.*remember=" $SYSTEM_AUTH_FILE); then
-	sed -i "/^password.*requisite.*pam_pwquality\.so/a password    requisite     pam_pwhistory.so" $SYSTEM_AUTH_FILE
-else
-   sed -i "s/\(.*pam_pwhistory\.so.*remember=\)[[:digit:]]\+\s\(.*\)/\1/g" $SYSTEM_AUTH_FILE
-fi
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
deleted file mode 100644
index d547b0e3562..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/bash
-# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
-
-pam_files=("password-auth" "system-auth")
-
-authselect create-profile testingProfile --base-on minimal
-
-CUSTOM_PROFILE_DIR="/etc/authselect/custom/testingProfile"
-
-authselect select --force custom/testingProfile
-
-truncate -s 0 /etc/security/faillock.conf
-
-echo "unlock_time=600" > /etc/security/faillock.conf
-
-{{{ bash_pam_faillock_enable() }}}
-
-for file in ${pam_files[@]}; do
-    if grep -qP "auth.*faillock\.so.*preauth" $CUSTOM_PROFILE_DIR/$file; then
-        sed -i "/^\s*auth.*faillock\.so.*preauth/ s/$/unlock_time=600/" \
-            "$CUSTOM_PROFILE_DIR/$file"
-    else 
-        sed -i "0,/^\s*auth.*/i auth required pam_faillock.so preauth unlock_time=600" \
-        "$CUSTOM_PROFILE_DIR/$file"
-    fi
-done
-
-
-authselect apply-changes
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
deleted file mode 100644
index 057348eb4e7..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-# This test scenario simulates conflicting settings in pam and faillock.conf files.
-# It means that authselect is not properly configured and may have a unexpected behaviour. The
-# authselect integrity check will fail and the remediation will be aborted in order to preserve
-# intentional changes. In this case, an informative message will be shown in the remediation report.
-sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 unlock_time=600/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-> /etc/security/faillock.conf
-echo "unlock_time=600" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
deleted file mode 100644
index bfcc7d4a43c..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_disabled.fail.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-# packages = authselect
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-if [ -f /usr/sbin/authconfig ]; then
-    authconfig --disablefaillock --update
-else
-    authselect select sssd --force
-    authselect disable-feature with-faillock
-fi
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_pam_files.pass.sh
deleted file mode 100644
index 643f503f1ac..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_pam_files.pass.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authconfig --enablefaillock --faillockargs="unlock_time=600" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
deleted file mode 100644
index 838ab7c536f..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-> /etc/security/faillock.conf
-echo "unlock_time=300" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_pam_files.fail.sh
deleted file mode 100644
index a45ea873de1..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_pam_files.fail.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authconfig --enablefaillock --faillockargs="unlock_time=300" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
deleted file mode 100644
index b7b1532bb97..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-# Ensure the parameters only in /etc/security/faillock.conf
-sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-> /etc/security/faillock.conf
-echo "unlock_time=600" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
-
-# Multiple instances of pam_unix.so in auth section may, intentionally or not, interfere
-# in the expected behaviour of pam_faillock.so. Remediation does not solve this automatically
-# in order to preserve intentional changes.
-echo "auth        sufficient       pam_unix.so" >> /etc/pam.d/password-auth
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
deleted file mode 100644
index d7d727671b4..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authconfig --enablefaillock --faillockargs="unlock_time=600" --update
-
-# Multiple instances of pam_unix.so in auth section may, intentionally or not, interfere
-# in the expected behaviour of pam_faillock.so. Remediation does not solve this automatically
-# in order to preserve intentional changes.
-echo "auth        sufficient       pam_unix.so" >> /etc/pam.d/password-auth
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
deleted file mode 100644
index eff1bd32c19..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_not_required_pam_files.fail.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
-# packages = authselect
-# remediation = none
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-# This test scenario manually modify the pam_faillock.so entries in auth section from
-# "required" to "sufficient". This makes pam_faillock.so behave differently than initially
-# intentioned. We catch this, but we can't safely remediate in an automated way.
-if [ -f /usr/sbin/authconfig ]; then
-    authconfig --enablefaillock --faillockargs="unlock_time=600" --update
-else
-    authselect select sssd --force
-    authselect enable-feature with-faillock
-    sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 unlock_time=600/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-fi
-sed -i --follow-symlinks 's/\(^\s*auth\s*\)\(\s.*\)\(pam_faillock\.so.*$\)/\1 sufficient \3/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
-if [ -f /etc/security/faillock.conf ]; then
-    > /etc/security/faillock.conf
-fi
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
deleted file mode 100644
index a57645eb10a..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authselect select sssd --force
-authselect enable-feature with-faillock
-> /etc/security/faillock.conf
-echo "unlock_time=900" >> /etc/security/faillock.conf
-echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_pam_files.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_pam_files.pass.sh
deleted file mode 100644
index 3db1d3acf87..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_pam_files.pass.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# packages = authconfig
-# platform = Oracle Linux 7,multi_platform_fedora
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
-
-authconfig --enablefaillock --faillockargs="unlock_time=900" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_commented_values.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_commented_values.fail.sh
deleted file mode 100644
index 0825090b42d..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_commented_values.fail.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_unlock_time=300
-
-source ubuntu_common.sh
-
-echo "#unlock_time=1000" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_common.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_common.sh
deleted file mode 100644
index 532926d2701..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_common.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-
-cat << EOF > /usr/share/pam-configs/faillock
-Name: Enable pam_faillock to deny access
-Default: yes
-Priority: 0
-Auth-Type: Primary
-Auth:
-    [default=die]                   pam_faillock.so authfail
-EOF
-
-cat << EOF > /usr/share/pam-configs/faillock_notify
-Name: Notify of failed login attempts and reset count upon success
-Default: yes
-Priority: 1024
-Auth-Type: Primary
-Auth:
-    requisite                       pam_faillock.so preauth
-Account-Type: Primary
-Account:
-    required                        pam_faillock.so
-EOF
-
-DEBIAN_FRONTEND=noninteractive pam-auth-update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_correct.pass.sh
deleted file mode 100644
index 7ace223da97..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_correct.pass.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_unlock_time=300
-
-source ubuntu_common.sh
-
-echo "unlock_time=1000" > /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_correct_pamd.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_correct_pamd.pass.sh
deleted file mode 100644
index 884fdcd6baa..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_correct_pamd.pass.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_unlock_time=300
-
-cat << EOF > /usr/share/pam-configs/faillock
-Name: Enable pam_faillock to deny access
-Default: yes
-Priority: 0
-Auth-Type: Primary
-Auth:
-    [default=die]                   pam_faillock.so authfail unlock_time=900
-EOF
-
-cat << EOF > /usr/share/pam-configs/faillock_notify
-Name: Notify of failed login attempts and reset count upon success
-Default: yes
-Priority: 1024
-Auth-Type: Primary
-Auth:
-    requisite                       pam_faillock.so preauth unlock_time=900
-Account-Type: Primary
-Account:
-    required                        pam_faillock.so
-EOF
-
-DEBIAN_FRONTEND=noninteractive pam-auth-update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_missing_pamd.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_missing_pamd.fail.sh
deleted file mode 100644
index 89e4d1a4a78..00000000000
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_missing_pamd.fail.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-# platform = multi_platform_ubuntu
-# variables = var_accounts_passwords_pam_faillock_unlock_time=300
-
-echo "unlock_time=1000" > /etc/security/faillock.conf
diff --git a/shared/macros/20-test-scenarios.jinja b/shared/macros/20-test-scenarios.jinja
index db1f03220eb..879d61a5d69 100644
--- a/shared/macros/20-test-scenarios.jinja
+++ b/shared/macros/20-test-scenarios.jinja
@@ -10,3 +10,103 @@ sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/sys
   {{% endif %}}
 {{%- endmacro -%}}
 
+
+{{#
+This macro is used by pam_account_password_faillock template to initialize
+the external variable and parameter value to a desired state.
+
+:param state:         correct, stricter, lenient_high, lenient_low
+:type state: str
+#}}
+
+{{%- macro tests_init_faillock_vars(state) -%}}
+
+PRM_NAME={{{ PRM_NAME }}}
+{{% if state not in ["correct", "stricter", "lenient_high", "lenient_low"] %}}
+echo "Unsupported value for argument 'state': {{{ state }}}"
+exit 2
+
+{{% elif VARIABLE_UPPER_BOUND == "use_ext_variable" and VARIABLE_LOWER_BOUND == "use_ext_variable" %}}
+{{% if state == "correct" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=5
+{{% elif state == "stricter" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=5
+{{% elif state == "lenient_high" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=6
+{{% elif state == "lenient_low" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=4
+{{% endif %}}
+
+{{% elif VARIABLE_UPPER_BOUND == "use_ext_variable" and VARIABLE_LOWER_BOUND is number %}}
+{{% if state == "correct" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_LOWER_BOUND }}}
+TEST_VALUE={{{ VARIABLE_LOWER_BOUND }}}
+{{% elif state == "stricter" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_LOWER_BOUND + 2 }}}
+TEST_VALUE={{{ VARIABLE_LOWER_BOUND + 1 }}}
+{{% elif state == "lenient_high" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_LOWER_BOUND }}}
+TEST_VALUE={{{ VARIABLE_LOWER_BOUND + 1 }}}
+{{% elif state == "lenient_low" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_LOWER_BOUND }}}
+TEST_VALUE={{{ VARIABLE_LOWER_BOUND - 1 }}}
+{{% endif %}}
+
+{{% elif VARIABLE_UPPER_BOUND == "use_ext_variable" and VARIABLE_LOWER_BOUND is none %}}
+{{% if state == "correct" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=5
+{{% elif state == "stricter" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=4
+{{% elif state == "lenient_high" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=6
+{{% elif state == "lenient_low" %}}
+# there is no lower limit so the test should be not-applicable
+# check = none
+{{% endif %}}
+
+{{% elif VARIABLE_LOWER_BOUND == "use_ext_variable" and VARIABLE_UPPER_BOUND is number %}}
+{{% if state == "correct" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_UPPER_BOUND | default(100) }}}
+TEST_VALUE={{{ VARIABLE_UPPER_BOUND | default(100) }}}
+{{% elif state == "stricter" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_UPPER_BOUND | default(100) - 2 }}}
+TEST_VALUE={{{ VARIABLE_UPPER_BOUND | default(100) - 1 }}}
+{{% elif state == "lenient_high" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_UPPER_BOUND }}}
+TEST_VALUE={{{ VARIABLE_UPPER_BOUND + 1 }}}
+{{% elif state == "lenient_low" %}}
+# variables = {{{ EXT_VARIABLE }}}={{{ VARIABLE_UPPER_BOUND }}}
+TEST_VALUE={{{ VARIABLE_UPPER_BOUND - 1 }}}
+{{% endif %}}
+
+{{% elif VARIABLE_LOWER_BOUND == "use_ext_variable" and VARIABLE_UPPER_BOUND is none %}}
+{{% if state == "correct" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=5
+{{% elif state == "stricter" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=6
+{{% elif state == "lenient_high" %}}
+# there is no upper limit so the test should be not-applicable
+# check = none
+{{% elif state == "lenient_low" %}}
+# variables = {{{ EXT_VARIABLE }}}=5
+TEST_VALUE=4
+{{% endif %}}
+
+{{% else %}}
+echo "The combination of template parameters is not supported by the test:"
+echo "  variable_upper_bound={{{ VARIABLE_UPPER_BOUND }}}"
+echo "  variable_lower_bound={{{ VARIABLE_LOWER_BOUND }}}"
+echo "  ext_variable={{{ EXT_VARIABLE }}}"
+exit 2
+{{% endif %}}
+{{%- endmacro -%}}
+
diff --git a/shared/templates/pam_account_password_faillock/ansible.template b/shared/templates/pam_account_password_faillock/ansible.template
index 5e1161920e5..52ff31b34bd 100644
--- a/shared/templates/pam_account_password_faillock/ansible.template
+++ b/shared/templates/pam_account_password_faillock/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_all
+# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
 # reboot = false
 # strategy = restrict
 # complexity = low
diff --git a/shared/templates/pam_account_password_faillock/oval.template b/shared/templates/pam_account_password_faillock/oval.template
index 915905aedd3..c98ebeda316 100644
--- a/shared/templates/pam_account_password_faillock/oval.template
+++ b/shared/templates/pam_account_password_faillock/oval.template
@@ -242,10 +242,10 @@
       id="test_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_pamd_{{{ file_stem }}}"
       comment="Check the expected {{{ PRM_NAME }}} value in {{{ file_stem }}}-auth">
     <ind:object object_ref="object_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_pamd_{{{ file_stem }}}"/>
-    {{% if VARIABLE_UPPER_BOUND is defined and VARIABLE_UPPER_BOUND != "none" %}}
+    {{% if VARIABLE_UPPER_BOUND is not none %}}
     <ind:state state_ref="state_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_upper_bound"/>
     {{% endif %}}
-    {{% if VARIABLE_LOWER_BOUND is defined and VARIABLE_LOWER_BOUND != "none" %}}
+    {{% if VARIABLE_LOWER_BOUND is not none %}}
     <ind:state state_ref="state_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_lower_bound"/>
     {{% endif %}}
   </ind:textfilecontent54_test>
@@ -266,34 +266,28 @@
   <external_variable id="{{{ EXT_VARIABLE }}}" datatype="int"
                      comment="external variable to use" version="1"/>
 
-  {{% if VARIABLE_UPPER_BOUND is defined and VARIABLE_UPPER_BOUND != "none" %}}
+  {{% if VARIABLE_UPPER_BOUND is not none %}}
   <ind:textfilecontent54_state
       version="1"
       id="state_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_upper_bound">
     {{% if VARIABLE_UPPER_BOUND == "use_ext_variable" %}}
     <ind:subexpression datatype="int" operation="less than or equal"
 		       var_ref="{{{ EXT_VARIABLE }}}"/>
-    {{% elif VARIABLE_UPPER_BOUND is number %}}
-    <ind:subexpression datatype="int" operation="less than">{{{ VARIABLE_UPPER_BOUND }}}</ind:subexpression>
     {{% else %}}
-    <ind:subexpression datatype="int" operation="less than or equal"
-		       var_ref="{{{ VARIABLE_UPPER_BOUND }}}"/>
+    <ind:subexpression datatype="int" operation="less than or equal">{{{ VARIABLE_UPPER_BOUND }}}</ind:subexpression>
     {{% endif %}}
   </ind:textfilecontent54_state>
   {{% endif %}}
 
-  {{% if VARIABLE_LOWER_BOUND is defined and VARIABLE_LOWER_BOUND != "none" %}}
+  {{% if VARIABLE_LOWER_BOUND is not none %}}
   <ind:textfilecontent54_state
       version="1"
       id="state_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_lower_bound">
     {{% if VARIABLE_LOWER_BOUND == "use_ext_variable" %}}
     <ind:subexpression datatype="int" operation="greater than or equal"
 		       var_ref="{{{ EXT_VARIABLE }}}"/>
-    {{% elif VARIABLE_LOWER_BOUND is number %}}
-    <ind:subexpression datatype="int" operation="greater than">{{{ VARIABLE_LOWER_BOUND }}}</ind:subexpression>
     {{% else %}}
-    <ind:subexpression datatype="int" operation="greater than or equal"
-		       var_ref="{{{ VARIABLE_LOWER_BOUND }}}"/>
+    <ind:subexpression datatype="int" operation="greater than or equal">{{{ VARIABLE_LOWER_BOUND }}}</ind:subexpression>
     {{% endif %}}
   </ind:textfilecontent54_state>
   {{% endif %}}
@@ -307,10 +301,10 @@
 			      id="test_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_faillock_conf"
 			      comment="Check the expected {{{ PRM_NAME }}} value in /etc/security/faillock.conf">
     <ind:object object_ref="object_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_faillock_conf"/>
-    {{% if VARIABLE_UPPER_BOUND is defined and VARIABLE_UPPER_BOUND != "none" %}}
+    {{% if VARIABLE_UPPER_BOUND is not none %}}
     <ind:state state_ref="state_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_upper_bound"/>
     {{% endif %}}
-    {{% if VARIABLE_LOWER_BOUND is defined and VARIABLE_LOWER_BOUND != "none" %}}
+    {{% if VARIABLE_LOWER_BOUND is not none %}}
     <ind:state state_ref="state_accounts_passwords_pam_faillock_{{{ PRM_NAME }}}_parameter_lower_bound"/>
     {{% endif %}}
   </ind:textfilecontent54_test>
diff --git a/shared/templates/pam_account_password_faillock/template.py b/shared/templates/pam_account_password_faillock/template.py
new file mode 100644
index 00000000000..654209336c1
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/template.py
@@ -0,0 +1,16 @@
+def preprocess(data, lang):
+    if data.get("ext_variable") is None:
+        errmsg = ("The template instance of the rule {0} requires the "
+                  "ext_variable to be defined".format(_rule_id))
+        raise ValueError(errmsg)
+
+    for var in ["variable_upper_bound", "variable_lower_bound"]:
+        data[var] = data.get(var, None)
+        if data.get(var) is not None and \
+           data.get(var) != "use_ext_variable" and \
+           type(data.get(var)) != int:
+            errmsg = ("The template instance of the rule {0} requires the "
+                      "parameter {1} is either 'use_ext_variable' or "
+                      "a number or undefined".formate(_rule_id, var))
+            raise ValueError(errmsg)
+    return data
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
similarity index 66%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
index 24f5731f63d..91890c28fbc 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh
@@ -2,9 +2,12 @@
 # packages = authselect,pam
 # platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
 
+{{{ tests_init_faillock_vars("correct") }}}
+
 pam_files=("password-auth" "system-auth")
 
-authselect create-profile testingProfile --base-on minimal
+authselect create-profile testingProfile --base-on minimal || \
+    authselect create-profile testingProfile --base-on local
 
 CUSTOM_PROFILE_DIR="/etc/authselect/custom/testingProfile"
 
@@ -12,16 +15,16 @@ authselect select --force custom/testingProfile
 
 truncate -s 0 /etc/security/faillock.conf
 
-echo "deny = 3" > /etc/security/faillock.conf
+echo "$PRM_NAME = $TEST_VALUE" > /etc/security/faillock.conf
 
 {{{ bash_pam_faillock_enable() }}}
 
 for file in ${pam_files[@]}; do
     if grep -qP "auth.*faillock\.so.*preauth" $CUSTOM_PROFILE_DIR/$file; then
-        sed -i "/^\s*auth.*faillock\.so.*preauth/ s/$/deny=3/" \
+        sed -i "/^\s*auth.*faillock\.so.*preauth/ s/$/$PRM_NAME=$TEST_VALUE/" \
             "$CUSTOM_PROFILE_DIR/$file"
     else 
-        sed -i "0,/^\s*auth.*/i auth required pam_faillock.so preauth deny=3" \
+        sed -i "0,/^\s*auth.*/i auth required pam_faillock.so preauth $PRM_NAME=$TEST_VALUE" \
         "$CUSTOM_PROFILE_DIR/$file"
     fi
 done
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
similarity index 78%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
index aa3ca061de7..e9f8a06f48d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_conflicting_settings.fail.sh
@@ -2,7 +2,8 @@
 # packages = authselect
 # platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
-# variables = var_accounts_passwords_pam_faillock_deny=3
+
+{{{ tests_init_faillock_vars("correct") }}}
 
 authselect select sssd --force
 authselect enable-feature with-faillock
@@ -10,7 +11,7 @@ authselect enable-feature with-faillock
 # It means that authselect is not properly configured and may have a unexpected behaviour. The
 # authselect integrity check will fail and the remediation will be aborted in order to preserve
 # intentional changes. In this case, an informative message will be shown in the remediation report.
-sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 deny=3/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
+sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 '$PRM_NAME'='$TEST_VALUE'/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
 > /etc/security/faillock.conf
-echo "deny = 3" >> /etc/security/faillock.conf
+echo "$PRM_NAME = $TEST_VALUE" >> /etc/security/faillock.conf
 echo "silent" >> /etc/security/faillock.conf
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh
similarity index 84%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh
index 67c1b593bdb..b1a88e37a65 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_disabled.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_disabled.fail.sh
@@ -1,7 +1,8 @@
 #!/bin/bash
 # platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 # packages = authselect
-# variables = var_accounts_passwords_pam_faillock_deny=3
+
+{{{ tests_init_faillock_vars("correct") }}}
 
 if [ -f /usr/sbin/authconfig ]; then
     authconfig --disablefaillock --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
similarity index 73%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
index e770e300f52..b5d27377a4c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,10 +1,11 @@
 #!/bin/bash
 # packages = authselect
 # platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_deny=3
+
+{{{ tests_init_faillock_vars("correct") }}}
 
 authselect select sssd --force
 authselect enable-feature with-faillock
 > /etc/security/faillock.conf
-echo "deny = 3" >> /etc/security/faillock.conf
+echo "$PRM_NAME = $TEST_VALUE" >> /etc/security/faillock.conf
 echo "silent" >> /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_pam_files.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_pam_files.pass.sh
new file mode 100644
index 00000000000..1e315064228
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_expected_pam_files.pass.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+# packages = authconfig
+# platform = Oracle Linux 7,multi_platform_fedora
+
+{{{ tests_init_faillock_vars("correct") }}}
+
+authconfig --enablefaillock --faillockargs="$PRM_NAME=$TEST_VALUE" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
similarity index 71%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
index 1840cae45af..d900ff868db 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_faillock_conf.fail.sh
@@ -1,10 +1,11 @@
 #!/bin/bash
 # packages = authselect
 # platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_unlock_time=600
+
+{{{ tests_init_faillock_vars("lenient_high") }}}
 
 authselect select sssd --force
 authselect enable-feature with-faillock
 > /etc/security/faillock.conf
-echo "unlock_time=600" >> /etc/security/faillock.conf
+echo "$PRM_NAME = $TEST_VALUE" >> /etc/security/faillock.conf
 echo "silent" >> /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_pam_files.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_pam_files.fail.sh
new file mode 100644
index 00000000000..0cdaee7c0f3
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_high_pam_files.fail.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+# packages = authconfig
+# platform = Oracle Linux 7,multi_platform_fedora
+
+{{{ tests_init_faillock_vars("lenient_high") }}}
+
+authconfig --enablefaillock --faillockargs="$PRM_NAME=$TEST_VALUE" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
similarity index 73%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
index fd57152b8c4..bcb8d10028b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_faillock_conf.fail.sh
@@ -1,10 +1,11 @@
 #!/bin/bash
 # packages = authselect
 # platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_deny=3
+
+{{{ tests_init_faillock_vars("lenient_low") }}}
 
 authselect select sssd --force
 authselect enable-feature with-faillock
 > /etc/security/faillock.conf
-echo "deny = 5" >> /etc/security/faillock.conf
+echo "$PRM_NAME = $TEST_VALUE" >> /etc/security/faillock.conf
 echo "silent" >> /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_pam_files.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_pam_files.fail.sh
new file mode 100644
index 00000000000..4b1e2802627
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_lenient_low_pam_files.fail.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+# packages = authconfig
+# platform = Oracle Linux 7,multi_platform_fedora
+
+{{{ tests_init_faillock_vars("lenient_low") }}}
+
+authconfig --enablefaillock --faillockargs="$PRM_NAME=$TEST_VALUE" --update
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
similarity index 88%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index efb57601cb9..56f9acccc80 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -2,14 +2,15 @@
 # packages = authselect
 # platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
 # remediation = none
-# variables = var_accounts_passwords_pam_faillock_deny=3
+
+{{{ tests_init_faillock_vars("correct") }}}
 
 authselect select sssd --force
 authselect enable-feature with-faillock
 # Ensure the parameters only in /etc/security/faillock.conf
 sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
 > /etc/security/faillock.conf
-echo "deny = 3" >> /etc/security/faillock.conf
+echo "$PRM_NAME = $TEST_VALUE" >> /etc/security/faillock.conf
 echo "silent" >> /etc/security/faillock.conf
 
 # Multiple instances of pam_unix.so in auth section may, intentionally or not, interfere
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
similarity index 77%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
index 51d94b3333b..5947d7d67a1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_multiple_pam_unix_pam_files.fail.sh
@@ -2,9 +2,10 @@
 # packages = authconfig
 # platform = Oracle Linux 7,multi_platform_fedora
 # remediation = none
-# variables = var_accounts_passwords_pam_faillock_deny=3
 
-authconfig --enablefaillock --faillockargs="deny=3" --update
+{{{ tests_init_faillock_vars("correct") }}}
+
+authconfig --enablefaillock --faillockargs="$PRM_NAME=$TEST_VALUE" --update
 
 # Multiple instances of pam_unix.so in auth section may, intentionally or not, interfere
 # in the expected behaviour of pam_faillock.so. Remediation does not solve this automatically
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh
similarity index 78%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh
index e3ec96da080..4e4f06004f0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_not_required_pam_files.fail.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_not_required_pam_files.fail.sh
@@ -2,17 +2,18 @@
 # platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
 # packages = authselect
 # remediation = none
-# variables = var_accounts_passwords_pam_faillock_deny=3
+
+{{{ tests_init_faillock_vars("correct") }}}
 
 # This test scenario manually modify the pam_faillock.so entries in auth section from
 # "required" to "sufficient". This makes pam_faillock.so behave differently than initially
 # intentioned. We catch this, but we can't safely remediate in an automated way.
 if [ -f /usr/sbin/authconfig ]; then
-    authconfig --enablefaillock --faillockargs="deny=3" --update
+    authconfig --enablefaillock --faillockargs="$PRM_NAME=$TEST_VALUE" --update
 else
     authselect select sssd --force
     authselect enable-feature with-faillock
-    sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 deny=3/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
+    sed -i --follow-symlinks 's/\(pam_faillock.so \(preauth silent\|authfail\)\).*$/\1 '$PRM_NAME'='$TEST_VALUE'/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
 fi
 sed -i --follow-symlinks 's/\(^\s*auth\s*\)\(\s.*\)\(pam_faillock\.so.*$\)/\1 sufficient \3/g' /etc/pam.d/system-auth /etc/pam.d/password-auth
 if [ -f /etc/security/faillock.conf ]; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
similarity index 73%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
rename to shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
index 595b85192da..00846218152 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -1,10 +1,11 @@
 #!/bin/bash
 # packages = authselect
 # platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
-# variables = var_accounts_passwords_pam_faillock_deny=3
+
+{{{ tests_init_faillock_vars("stricter") }}}
 
 authselect select sssd --force
 authselect enable-feature with-faillock
 > /etc/security/faillock.conf
-echo "deny = 2" >> /etc/security/faillock.conf
+echo "$PRM_NAME = $TEST_VALUE" >> /etc/security/faillock.conf
 echo "silent" >> /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_pam_files.pass.sh b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_pam_files.pass.sh
new file mode 100644
index 00000000000..8d52f968e26
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/pam_faillock_stricter_pam_files.pass.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+# packages = authconfig
+# platform = Oracle Linux 7,multi_platform_fedora
+
+{{{ tests_init_faillock_vars("stricter") }}}
+
+authconfig --enablefaillock --faillockargs="$PRM_NAME=$TEST_VALUE" --update
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_commented_values.fail.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_commented_values.fail.sh
new file mode 100644
index 00000000000..6983c7c371e
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_commented_values.fail.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("correct") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+echo "#$PRM_NAME=$TEST_VALUE" > /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_correct.pass.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_correct.pass.sh
new file mode 100644
index 00000000000..1d9c8ca036c
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_correct.pass.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("correct") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+echo "$PRM_NAME=$TEST_VALUE" > /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_correct_pamd.pass.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_correct_pamd.pass.sh
new file mode 100644
index 00000000000..c65c647089f
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_correct_pamd.pass.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("correct") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+sed -i 's/\(.*pam_faillock.so.*\)/\1 '$PRM_NAME'='$TEST_VALUE'/g' /etc/pam.d/common-auth
+
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_correct_stricter.pass.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_correct_stricter.pass.sh
new file mode 100644
index 00000000000..20f3dc84980
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_correct_stricter.pass.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("stricter") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+echo "$PRM_NAME=$TEST_VALUE" > /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_empty_faillock_conf.fail.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_empty_faillock_conf.fail.sh
new file mode 100644
index 00000000000..6e03271b6d2
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_empty_faillock_conf.fail.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("correct") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+echo > /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_lenient_high.fail.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_lenient_high.fail.sh
new file mode 100644
index 00000000000..3eac17028ee
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_lenient_high.fail.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("lenient_high") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+echo "$PRM_NAME=$TEST_VALUE" > /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_lenient_low.fail.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_lenient_low.fail.sh
new file mode 100644
index 00000000000..fbb76961a61
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_lenient_low.fail.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("lenient_low") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+echo "$PRM_NAME=$TEST_VALUE" > /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_missing_pamd.fail.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_missing_pamd.fail.sh
new file mode 100644
index 00000000000..edfa5613095
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_missing_pamd.fail.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+
+{{{ tests_init_faillock_vars("correct") }}}
+
+echo "$PRM_NAME=$TEST_VALUE" > /etc/security/faillock.conf
diff --git a/shared/templates/pam_account_password_faillock/tests/ubuntu_multiple_pam_unix.fail.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_multiple_pam_unix.fail.sh
new file mode 100644
index 00000000000..7937ecf2862
--- /dev/null
+++ b/shared/templates/pam_account_password_faillock/tests/ubuntu_multiple_pam_unix.fail.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+# platform = multi_platform_ubuntu
+# remediation = none
+
+{{{ tests_init_faillock_vars("correct") }}}
+
+{{{ bash_enable_pam_faillock_directly_in_pam_files() }}}
+
+# Multiple instances of pam_unix.so in auth section may, intentionally or not, interfere
+# in the expected behaviour of pam_faillock.so. Remediation does not solve this automatically
+# in order to preserve intentional changes.
+
+sed -i '/# end of pam-auth-update config/i\auth        sufficient       pam_unix.so' /etc/pam.d/common-auth
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_wrong_value.fail.sh b/shared/templates/pam_account_password_faillock/tests/ubuntu_wrong_value.fail.sh
similarity index 100%
rename from linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/ubuntu_wrong_value.fail.sh
rename to shared/templates/pam_account_password_faillock/tests/ubuntu_wrong_value.fail.sh