https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493968#M215480 Hi Darren &amp; Bill,<BR />What is the patch no. for SAM ? and both the systems are not trusted means /tcb directory doesn't exists.<BR />Regards,<BR />Mahadev Tue, 01 Mar 2005 00:57:19 GMT Mahadev Pednekar 2005-03-01T00:57:19Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493961#M215473 Hi,<BR />I have a server installed with HPUX 10.20 and when trying to change the password of user through SAM, I am not able to get checkbox for "Force Password Change At Next Logon" in password option window. Is there any patch required for this issue ?.<BR /><BR />Regards,<BR />Mahadev Sun, 27 Feb 2005 09:47:38 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493961#M215473 Mahadev Pednekar 2005-02-27T09:47:38Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493962#M215474 Hi Mahadev,<BR /><BR />Can you try the passwd -f option to Force user to change password upon next login by expiring the current password.<BR /><BR />Regards,<BR />Syam<BR /> Sun, 27 Feb 2005 10:02:23 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493962#M215474 Ranjith_5 2005-02-27T10:02:23Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493963#M215475 The location for changing specific user security policies (such as requiring a password change at next login) are found at:<BR /> <BR />SAM -&gt; Accounts for Users.. -&gt; Users<BR /> <BR />Select the user, then select:<BR /> <BR />Actions -&gt; Modify Security Policies... -&gt; Password Aging Policies<BR /> <BR />Then check the box for: Expire Password Immediately<BR /> <BR />Expiring the password will force the user to change their password at the next login. Sun, 27 Feb 2005 20:16:51 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493963#M215475 Bill Hassell 2005-02-27T20:16:51Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493964#M215476 Mahadev,<BR /><BR />I dont think you can set the policies unless you make the system trusted. The options that Mr.Bill pointed, can only be used after making the system trusted.<BR /><BR />Regards,<BR />Syam Mon, 28 Feb 2005 03:55:38 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493964#M215476 Ranjith_5 2005-02-28T03:55:38Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493965#M215477 Hi Syam,<BR />You are right, set up polices can be done only when system is trusted. I havn't tried with passwd -f option. But the question is why that check box is not appearing where else check box is appearing in another server with o/s 10.2. Is there any patch required for this.<BR />regds,<BR />Mahadev Mon, 28 Feb 2005 04:12:59 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493965#M215477 Mahadev Pednekar 2005-02-28T04:12:59Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493966#M215478 Hi Mahadev,<BR /><BR />I'd advise you to ensure that your SAM and trusted patches are the latest versions. Please also bear in mind that 10.20 is an obsolete operating system, so you shouldn't expect any future patches.<BR /><BR />regards,<BR /><BR />Darren. Mon, 28 Feb 2005 07:58:21 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493966#M215478 Darren Prior 2005-02-28T07:58:21Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493967#M215479 Security policies are meaningless on a standard system. Your system must be Trustted for any of the policies to be displayed. The only way to force a password change on the next login (for a standard system is to change the password aging manually in the passwd file. Change the aging component to: .. as in:<BR /> <BR />billh:ul5dmLHEJxNfw,A203:103:20<BR /> <BR />to<BR /> <BR /> <BR />billh:ul5dmLHEJxNfw,..:103:20<BR /> <BR />Your other system which does have the password expiration option may have the directory /tcb...if so, then that system is indeed Trusted. Mon, 28 Feb 2005 16:49:16 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493967#M215479 Bill Hassell 2005-02-28T16:49:16Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493968#M215480 Hi Darren &amp; Bill,<BR />What is the patch no. for SAM ? and both the systems are not trusted means /tcb directory doesn't exists.<BR />Regards,<BR />Mahadev Tue, 01 Mar 2005 00:57:19 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493968#M215480 Mahadev Pednekar 2005-03-01T00:57:19Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493969#M215481 Mahadev,<BR /><BR />Can you tell me the method you are following to get this options pls.<BR /><BR />the tcb directory is created during the process of trusting. So check whether the other machine is trusted. You can see your /etc/passwd file to verify this.<BR /><BR />#cat /etc/passwd wiil give the similar output as follows. Means All the users will be having * in the password field instead of encrypted characters.<BR /><BR />root:*:0:3::/:/sbin/sh<BR />daemon:*:1:5::/:/usr/bin/false<BR />bin:*:2:2::/usr/bin:/usr/bin/false<BR />sys:*:3:3::/:/usr/bin/false<BR />adm:*:4:4::/var/adm:/usr/bin/false<BR />uucp:*:5:3::/var/spool/uucppublic:/usr/bin/false<BR />lp:*:9:7::/var/spool/lp:/usr/bin/false<BR />nuucp:*:11:11::/var/spool/uucppublic:/usr/bin/false<BR />hpdb:*:27:1:ALLBASE:/:/usr/bin/false<BR />www:*:30:1::/:/usr/bin/false<BR /><BR />See SAM cumulative patch is installed / not.<BR /><BR />#show_patches|grep -i sam<BR /><BR />verify too <BR />#check_patches<BR /><BR />Cumulative sam patches for hp 10.20 are still available @ itrc.See this.Check all are there in your system.search in ITRC patch database.<BR /><BR /><BR /><BR />Regards,<BR />Syam Tue, 01 Mar 2005 02:20:37 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493969#M215481 Ranjith_5 2005-03-01T02:20:37Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493970#M215482 Mahadev,<BR /><BR />I could find something. Force password change options will be available only in non-trusted systems as per my observations. Check whether your system is trusted or not. Else you will need to remove trusting for this option to make available.<BR /><BR />Reply with your observations.<BR /><BR />Regards,<BR />Syam Tue, 01 Mar 2005 02:33:11 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493970#M215482 Ranjith_5 2005-03-01T02:33:11Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493971#M215483 Hi Mahadev,<BR /><BR />The latest patches for SAM and trusted for 10.20 are PHCO_8246, PHCO_8247, PHCO_12236, PHCO_17218, PHCO_22268. Please read the patch text for each of these, and also check for any required dependencies. There may well be other patches that you require too.<BR /><BR />regards,<BR /><BR />Darren. Tue, 01 Mar 2005 05:04:00 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493971#M215483 Darren Prior 2005-03-01T05:04:00Z https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493972#M215484 Hi Syam &amp; Darren,<BR />Both the systems are not trusted and verified by Syam method, also SAM cumulative patches are installed on both systems. As per Darren except PHCO_17218 &amp; PHCO_22268 all patches are installed on both the system. I have verified the patches by command <BR />#swlist -l fileset|grep -i <PATCH no.="">.<BR /><BR />regds,<BR />Mahadev</PATCH> Wed, 02 Mar 2005 03:09:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-options-in-hpux-10-20/m-p/3493972#M215484 Mahadev Pednekar 2005-03-02T03:09:47Z