- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- MODPRPW password aging - redux..
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-14-2009 07:53 AM
тАО05-14-2009 07:53 AM
I have a school district I need to force a warning and day to expire, with a password life of 90 days.. I don't want to do force expire..
Can someone provide the
/usr/lbin/modprpw command to do that..
Say I want to force the expiration in 5 days with 5 days warning, and have then set the password life to 90..
My initial script is such
while read UUNAME X
do
/usr/lbin/modprpw -e -m exptm=120 ${UUNAME}
done < /tmp/esupass2.txt
if I use the -e it zeros time to change and locks the account. I believe I want to modify using the -l
Can someone provide insight, suggestions or methods? I'd appreciate it..
Rex
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-14-2009 08:04 AM
тАО05-14-2009 08:04 AM
Re: MODPRPW password aging - redux..
For a normal system, you can use command:
passwd -m -x -n ... to set them up.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-14-2009 09:22 AM
тАО05-14-2009 09:22 AM
Re: MODPRPW password aging - redux..
i have to do it by users, I can't define it by system, because the system houses multiple districts with differing policies.
I need to do it with the modprpw command from a userlist for each district.
I wish I could do it systemwide, but the political climate varies from school to school..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-14-2009 12:22 PM
тАО05-14-2009 12:22 PM
Solution/usr/lbin/modprpw -m exptm=120 ${UUNAME}
as the -l makes the change for local user while -n is available for nis.
the examples show:
modprpw -m mintm=12,syspnpw=NO,syschpw=YES someusr
-and-
modprpw -m timeod=Mo1700-2100,Fr1700-2100,Su0500-0900 joeblow
both of which modify parms on existing users.
I can't test it, but you might try dummying up an account an give it a shot???
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-14-2009 12:33 PM
тАО05-14-2009 12:33 PM
Re: MODPRPW password aging - redux..
field1=var,field2=var
I don't want to expire now, I want to "warn" and expire in X days..
I am thinking it should look like this..
modprpw -m exptm=X,expwarn=Y username
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 11:40 AM
тАО05-20-2009 11:40 AM
Re: MODPRPW password aging - redux..
I am re-do one of our districts to get on a 90 password life time.
I want to use the modprpw to do it.. My thought is using the following command to read a user list in from STDIN,
/usr/lbin/modprpw ├в e -m lftm=90,exptm=5,expwarn=5 ${UUNAME}
done < mpsuser.txt
My question is do I need the "exptm?" If I am forcing with a "-e" ?
exptm=value
database u_exp=(value*86400).
Set password expiration time interval (days). 0 = expired. Same as non-trusted mode maximum time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-20-2009 10:34 PM
тАО05-20-2009 10:34 PM
Re: MODPRPW password aging - redux..
if u system is trusted u can use modprpw and getprpw etc...this is available only in trusted system
thanks and regards
Sajjad Sahir
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-21-2009 05:09 AM
тАО05-21-2009 05:09 AM
Re: MODPRPW password aging - redux..
My question is do I need the "exptm?" If I am forcing with a "-e" ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-21-2009 07:08 AM
тАО05-21-2009 07:08 AM
Re: MODPRPW password aging - redux..
I doubt it. this appears to require the password change every 5 days, and you get five days warning...at 90 days, the account locks.
Assuming you want the users to change their passwords every 90 days and get warned 5 days before, something like:
/usr/lbin/modprpw -e -m exptm=90,expwarn=5
appears to be what you want.
the -e should force them to change their password the next time they attempt to login.
the exptm will required changes every 90 days going forward
the expwarn should give them 5 days notice
(however I've not tested this)
======================================================
"I want to use the modprpw to do it.. My thought is using the following command to read a user list in from STDIN,
/usr/lbin/modprpw -e -m lftm=90,exptm=5,expwarn=5 ${UUNAME}
done < mpsuser.txt"
uh...no. modprpw only wants one user name. you will have to write a little script the reads your file and loops, running modprpw once for each user read.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-21-2009 07:20 AM
тАО05-21-2009 07:20 AM
Re: MODPRPW password aging - redux..
That is the ticket!!
I Want to force a change now, then at Day 85 of 90 I want to WARN users of the pending action again..
I do have a WHILE script written to cat the username into the command..
while read UUNAME X
do
/usr/lbin/modprpw -m exptm=90,expwarn=5 ${UUNAME}
done < mpsuser.txt
My question is do I need to set the EXPWARN at Day 85 (i.e. expwarn=85, or expwarn=5)
Your thoughts? Don't want an annoying Warning for 85 days.