Security
cancel
Showing results for 
Search instead for 
Did you mean: 

SAM Unable to modify Password Options Aging on 11.11 non-trusted

 
SOLVED
Go to solution
paolo crosara
Occasional Advisor

SAM Unable to modify Password Options Aging on 11.11 non-trusted

I cannot migrate the HP-UX 11.11 system to TRUSTED. So I want to modify Password Options for each user Enabling Password Aging with expiration 12 weeks. It is allowed on non-trusted. I am doing that as "root". The system apparently accepts the change for each user but if I check againg I find all the Users with "No Restriction (Normal behavior)". Why the O/S does not allow root to make the change? Tkx
5 REPLIES 5
A. Clay Stephenson
Acclaimed Contributor

Re: SAM Unable to modify Password Options Aging on 11.11 non-trusted

Why would you want to do this in SAM? It will take forever. Instead write a simple script:

#!/usr/bin/sh

typeset -i DAYS=84
typeset U=''

awk -F ':' '{if (($3 + 0) >= 101) {print $1}' /etc/passwd | while read U
do
echo "User: ${U}"
passwd -x ${DAYS} ${U}
done
-----------------------------------
This will set all regular users (UID's >= 101) with a 12 week expiration.
If it ain't broke, I can fix that.
Steven E. Protter
Exalted Contributor
Solution

Re: SAM Unable to modify Password Options Aging on 11.11 non-trusted

Shalom,

SAM has a option to let you view the commands it has run based on your choice. You can then take this code and test it to see what went wrong.

A script is a much better way to do this however. I use sam for single task's where I don't know the command to do the job and to let operators and such do limited things I don't like to do.

If you want to modify one user,sam is fine. If you want modify them all, use A. Clay's script.

According to my recollection what you are trying to do should work. Perhaps there is a problem with sam. Have you installed the latest sam patches?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
A. Clay Stephenson
Acclaimed Contributor

Re: SAM Unable to modify Password Options Aging on 11.11 non-trusted

... and even if I were going to do this to only a few users, I would write a simple script (well, two scripts; one to generate a list of potentential users that would be edited; and a seconds script to set the password expirations.

-----------------------------

awk -F ':' '{if (($3 + 0) >= 101) {print $1}' /etc/passwd | sort > mylist

Now use vi to edit "mylist" to remove users that you don't want to modify and ...


#!/usr/bin/sh

typeset -i DAYS=84
typeset U=''

cat mylist | while read U
do
echo "User: ${U}"
passwd -x ${DAYS} ${U}
done

... and yes, I know the "cat mylist |" spawns an extra process but Big Woo.
-----------------------------------
-----------------------------------
If it ain't broke, I can fix that.
paolo crosara
Occasional Advisor

Re: SAM Unable to modify Password Options Aging on 11.11 non-trusted

I installed the SAM CUM patch PHCO_35520 and SAM is now able to modify the password aging again. So thanks a lot !!
paolo crosara
Occasional Advisor

Re: SAM Unable to modify Password Options Aging on 11.11 non-trusted

Problem closed