https://community.hpe.com/t5/operating-system-hp-ux/password-aging-expiration-causing-lockout-in-database-session/m-p/4263900#M734262 OS: HP-UX B.11.23 U ia64<BR />Security: Trusted System<BR /><BR />I'm running into an issue with password aging. Issue is that the password expiration time will occur while the user is logged in (yes - they ignore the change password prompting) which will cause the database authentication to fail and locks their database/application. What I want to know is if it is possible to set the expiration time to be 12am – so when the user logs in on the day of expiration – they will be forced to change it right then. I understand I can add logic to check and set all this in the login scripts – however, I’d prefer to do this in the security settings.<BR /><BR />Thanks!<BR /> Fri, 05 Sep 2008 15:32:08 GMT Geoff Lawson 2008-09-05T15:32:08Z https://community.hpe.com/t5/operating-system-hp-ux/password-aging-expiration-causing-lockout-in-database-session/m-p/4263900#M734262 OS: HP-UX B.11.23 U ia64<BR />Security: Trusted System<BR /><BR />I'm running into an issue with password aging. Issue is that the password expiration time will occur while the user is logged in (yes - they ignore the change password prompting) which will cause the database authentication to fail and locks their database/application. What I want to know is if it is possible to set the expiration time to be 12am – so when the user logs in on the day of expiration – they will be forced to change it right then. I understand I can add logic to check and set all this in the login scripts – however, I’d prefer to do this in the security settings.<BR /><BR />Thanks!<BR /> Fri, 05 Sep 2008 15:32:08 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-aging-expiration-causing-lockout-in-database-session/m-p/4263900#M734262 Geoff Lawson 2008-09-05T15:32:08Z https://community.hpe.com/t5/operating-system-hp-ux/password-aging-expiration-causing-lockout-in-database-session/m-p/4263901#M734263 Set it the first time at 12am.<BR /><BR />Then x days later it will expire at 12am. ( I think )<BR /><BR />Really not sure if the expiration clock uses hours or just days.<BR /><BR />Why not try it. Set up a new login, set it to expire in a day. Login an hour or so before the creation and see if it is expired. log in a hour or so after the creation time and see if it is expired.<BR /><BR /><BR /><BR /> Fri, 05 Sep 2008 15:36:10 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-aging-expiration-causing-lockout-in-database-session/m-p/4263901#M734263 Tim Nelson 2008-09-05T15:36:10Z https://community.hpe.com/t5/operating-system-hp-ux/password-aging-expiration-causing-lockout-in-database-session/m-p/4263902#M734264 Great suggestion - I'll try that. <BR /><BR />My concern is the clock will change when they reset their password at 9am the next change - I wonder if the following expiration will occur at 9am - causing the lock again.<BR /><BR />I did find reference to an option with modprpw that may work out well:<BR /><BR />modprpw:<BR /><BR /> -V This option is specified WITHOUT a user name to<BR /> "validate/refresh" all user's passwords. It goes through the<BR /> protected password database and sets the successful change time<BR /> to the current time for all users. The result is that all user's<BR /> password aging restarts at the current time.<BR /><BR /> May be combined with one of -l or -n options. Fri, 05 Sep 2008 15:53:10 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-aging-expiration-causing-lockout-in-database-session/m-p/4263902#M734264 Geoff Lawson 2008-09-05T15:53:10Z