1748140 Members
3752 Online
108758 Solutions
New Discussion юеВ

Re: Lock User

 
P Vel
Occasional Advisor

Lock User

Hi Gurus,

I am a novice in HP-UX. Please help me.
How to find the user status? Whether it is locked or not? How to lock the user and unlock the user? Any differences are there in command among the OS releases?

Thanks in advance...
10 REPLIES 10
sarfaraj ahmad
Trusted Contributor

Re: Lock User

Hi,

you can lock the user by below command in untrusted system.

Use the following command to lock the user account:
# passwd -l


lock/unlock account user id on HP-UX trusted system

/usr/lbin/getprpw useraccount

unlock / enable / reactivate:
/usr/lbin/modprpw -k useraccount

lock/expire password:
/usr/lbin/modprpw -e useraccount

Do not use a capital E, as it will expire the password on all user accounts.

Also you can find the user status through SAM. when you select the user and go in action, will get the option unlock if user is currently locked and option lock if user is active in present.

Rgds,
P Vel
Occasional Advisor

Re: Lock User

What is Truster/Untrusted system?

How to convert from trusted to untrusted, and untrusted to trusted system?

Thanks...
Manix
Honored Contributor

Re: Lock User

Untrusting:

# /usr/lbin/tsconvert -r

Trusting

# /usr/lbin/tsconvert

Unexpiring all passwords (all passwords are automatically expired when trusting a system):

# /usr/lbin/modprpw -V
HP-UX been always lovable - Mani Kalra
Manix
Honored Contributor

Re: Lock User

Read what are trusted systems.

Thanks
Manix
HP-UX been always lovable - Mani Kalra
Ismail Azad
Esteemed Contributor

Re: Lock User

Hi vel,

> How to find the user status?

By user status , I am guessing account status. Execute # passwd -sa. This will give you if the account is locked or passworded. It will give you this output.... PS for passworded and LK for locked. You can also see per user if account is locked by giving the user as the argument. If your sytem is UNTRUSTED {by that i mean is not a trusted system} a * would also say that the account is locked. However on TS you would see all the accounts having a * in the encrypted password field { the second field when you execute cat /etc/passwd }. The other commands mentioned by the other forumers modprpw/getprpw are specific to trusted systems.

Regards
Ismail Azad
Read, read and read... Then read again until you read "between the lines".....

Re: Lock User

If your system isn't trusted already, then you certainly shouldn't be making it trusted now... the "trusted system" components of HP-UX will be deprecated in a future release, so I wouldn't entertain making any system that is currently not trusted into a trusted one.

Note pretty much all the functionality that was available only in trusted mode on older versions of HP-UX is available in standard mode on HP-UX11iv3.

HTH

Duncan

I am an HPE Employee
Accept or Kudo
madhuchakkaravarthy
Trusted Contributor

Re: Lock User

in trusted system u can also lock user by

/usr/lbin/modprpw -m alock=yes -k username

to unlock

/usr/lbin/modprpw -m alock=no -k username

regards

MC
DeafFrog
Valued Contributor

Re: Lock User

Hi ,

@Madhu :

# /usr/lbin/modprpw -m alock=yes -k apple
modprpw: invalid value - usrpick=yes
---think it should be like this :
# /usr/lbin/modprpw -l -m alock=YES apple ##lock the account of apple
# /usr/lbin/getprpw -r -m lockout apple ##check if lock,
0000010 ##a "1" indicates it's locked(at different position ,
it means lockout due to differnt reason)
#/usr/lbin/modprpw -l -m alock=NO apple ##to unlock
(or simply /usr/lbin/modprpw -k apple)

Regards,
FrogIsDeaf
Hakki Aydin Ucar
Honored Contributor

Re: Lock User

To see a specific user is Locked or not;
# passwd -s user_name

To see all user status;
# passwd -sa