- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Password expiry on 11iv3 standard mode with SM...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-06-2016 10:36 AM
04-06-2016 10:36 AM
Password expiry on 11iv3 standard mode with SMSE security extensions
Hello,
We are replacing an 11iv2 trusted mode box with an 11iv3 standard mode box having the SMSE security extensions.
On our old box we had a script that ran nightly out of cron and sent me an email warning of upcoming account password expirations.
I need to find a method for doing that task on the new server under 11iv3 SMSE.
The command "login -x" shows when the password was last changed. Maybe I can find the days increment for when that user is going to expire?
(How come the people who invent these systems never think of the most obvious questions a sysadmin might ask, like "when is this account's password going to expire?" ??)
- Tags:
- Password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2016 10:17 AM
04-07-2016 10:17 AM
Re: Password expiry on 11iv3 standard mode with SMSE security extensions
I was working on a script to parse the output of 'logins -x' command and the /etc/default/security file entry for PASSWORD_MAXDAYS. I calculate the date that the password should expire.
Having done that, I see that at least two accounts on the system already have exceeded PASSWORD_MAXDAYS and no warnings or account locking has happened.
So I'm scouring the man pages for security, userdb, logins, passwd...
When do the system-wide defaults in /etc/default/security get applied?
Does 'passwd -s' and similar commands interact with userdb?
Why don't the system-wide defaults show up when I run a userdbget?
If the root user changes someone's password for them, is does that invoke the system-wide defaults or does the root user then have to run 'passwd -x' to set a future date for password expiration?
As root I ran 'passwd -x 90 <username>' but 'logins -x' didn't change, but 'passwd -s <username> did change.
Could someone please point me to a comprehensive document that tells how this pile of parts can be made to work together?