- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: SECURITY CONFIGURATION
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-27-2012 04:06 AM
04-27-2012 04:06 AM
Hi guys,
Im configuring security parameters on some hpux v2 servers and as per the client request, they want to have dormant account disabled after some period of days and through my research i came across this command "usermod –f 10 username" but this command is usded on individual users but they want to configure it like they have on their Sun Solaris boxes where by a script is been writen on the system that will bind any user that is created on the system. So can i have a script in hpux that i can put in a file that will disable dormant account after some period of time without using this command on the individual users ??
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-09-2012 09:26 PM
05-09-2012 09:26 PM
Re: SECURITY CONFIGURATION
Is this system with default, enhanced or trusted security?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-10-2012 03:37 AM
05-10-2012 03:37 AM
Re: SECURITY CONFIGURATION
hio boss,
if i may understand you clearly there is one security configuration that require me changing the system into trusted mode which i deed so curently the system is in a trusted mode.hope ive given you the information you need.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-10-2012 08:28 AM
05-10-2012 08:28 AM
SolutionIn trusted mode, global default values for account aging parameters are stored in /tcb/files/auth/system/default.
The easiest way to modify the defaults would be to use SAM (Auditing and Security -> System Security Policies -> General User Account Policies -> Lock Inactive Accounts), but you also could use the /usr/lbin/modprdef command:
/usr/lbin/modprdef -m llog=10
See also: "man prpwd", "man security", "man modprpw", "man getprpw".
In trusted mode, each user can optionally have custom settings that override the system-wide defaults. Only root (or some user authorized to use Restricted SAM, or a RBAC-privileged user if you use RBAC) can configure those custom settings. For example, if the CEO (account: bigboss) requires a different aging time value, you could run:
/usr/lbin/modprpw -m llog=20 bigboss
Setting any modprpw attribute to "-1" means "use the system-wide defaults for this user".