cancel
Showing results for 
Search instead for 
Did you mean: 

Username Lock and status

SOLVED
Go to solution
P Arumugavel
Respected Contributor

Username Lock and status

Hi experts,
How to lock/enable a user and how to know the status of the user in a trusted/untrusted system.
Regds.
4 REPLIES
Aneesh Mohan
Honored Contributor

Re: Username Lock and status


Hi ,

If you can read man passwd/modprpw/getprpw you are done with asked question.

Anyway ,please find the below answers ..

Lock
=====

passwd -l username Un trusted and Trusted system)

Lock user account. In untrusted mode this replaces the encrypted password with *.

Unlock / Enable
===============

passwd username (untrusted)

Unlock user account by resetting password (Since this is an untrusted system, passwd -l replaces the passwd hash with '*' so that the process is not reversible)


/usr/lbnin/modprpw -k username (trusted)

-k To unlock/enable a user's account that has become disabled,except when the lock is due to a missing password or * password.


Status:-
=========

Untrusted System:-

cat /etc/passwd |awk '/^username/'|cut -f 2 -d :

O/p is a string , then it is a valid account.

o/p is a * , then it is a locked / disabled account.



Trusted System:-

#/usr/lbin/getprpw username

Check alock if alock=no then account is a valid , alock=YES means Locked account.


Aneesh
Raj D.
Honored Contributor
Solution

Re: Username Lock and status

Vel-UX,

>How to lock/enable a user and how to know the status of the user in a trusted/untrusted system.

- In a trusted system:
A] To see if a user locked out: use:
# /usr/lbin/getprpw username
-- Look for the lockout field , if it is 1 , then it is locked, 0 means not locked.

- To unlock use:
# /usr/lbin/modprpw -k username

- user getprpw again to see the user "lockout" status. 0 means ok.


B] In non-trusted mode if user account locked or deacitvate you can reactivate using SAM--> user --> Reactivate.


Cheers.,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
singh sanjeev
Trusted Contributor

Re: Username Lock and status

How to lock/enable a user

On trusted system
locking a user account:
/usr/lbin/modprpw -m alock=yes

Enable account:
/usr/lbin/modprpw -k -l
extend the Life of account
/usr/lbin/modprpw -v -l

On Untrusted system:

Locking a user:

passwd -l account

enabling the account:
#passwd

Sanjeev Singh
madhuchakkaravarthy
Trusted Contributor

Re: Username Lock and status

hi

in trusted system

if u lock a user with passwd -i option

u can do it with

/usr/lbin/modprpw -k username

but if it is a admin lock u cant

so use

/usr/lbin/modprpw -k -m alock=NO usrname

to enable admin lock
/usr/lbin/modprpw -v -m alock=YES username

to check status

use getprpw -l username
check the fiag alock status

in untrusted sys

passwd -l username

to enable it

passwd -d username

or

passwd -f username

to check status

passwd -s username

pw=passworded, NP no pwd , LK locked

regards

MC