HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

disabling user account expiry

 
himacs
Super Advisor

disabling user account expiry

Hi Admins,

I believe passwd aging and user account aging are 2 different things.
I want to disable user acoount expiration in both trusted and non-trusted nodes.

Please suggest on this.

Regards
himacs
8 REPLIES

Re: disabling user account expiry

>I want to disable user account expiration in both trusted and non-trusted nodes.

The non-trusted default doesn't have account expiration, only password.
Jim Walls
Trusted Contributor

Re: disabling user account expiry

On Trusted systems:
man modprpw

You could use the following:
/usr/lbin/modprpw -m mintm=0,exptm=0,lftm=0,expwarn=0,umaxlntr=0

Jim Walls
Trusted Contributor

Re: disabling user account expiry

Uhhh... better also supply the username ;O)

/usr/lbin/modprpw -m mintm=0,exptm=0,lftm=0,expwarn=0,umaxlntr=0

Johnson Punniyalingam
Honored Contributor

Re: disabling user account expiry

man passwd

-X

if not comfortable with commands You can use "SAM" For Non-trusted System

You Use SAM -> Accounts for Users and Groups ->Users ->Select Username->Actions->Modify->Modify Password Options ->Select-> No Restrictions (Normal Behaviour)
Problems are common to all, but attitude makes the difference
AVV
Super Advisor

Re: disabling user account expiry

Hi,


If I am true, in non trusted machines, you can disable the aging by

passwd -x -1 username


saran2010
Occasional Advisor

Re: disabling user account expiry

Hi Himacs

Greetings for the day!!

If your system is trusted

you can also check with
/usr/lbin/getprpw username

1. For disabling the passwd aging for some users, you can use

/usr/lbin/modprpw -m mintm=0 username
/usr/lbin/modprpw -m exptm=0 username
/usr/lbin/modprpw -m lftm=0 username
/usr/lbin/modprpw -m expwarn=0 username

2. For checking the passwd aging works or not, change the passwd life time for a user to 2 days or so and check after that. You should get a warning message saying that your password is going to expire on (DATE)

Thanks

Saravanan


saran2010
Occasional Advisor

Re: disabling user account expiry

In Non-Trusted system

password can be made non-expiry by executing the following command

passwd -x -1 username

and it can be checked by the following command

passwd -s username
WayneHP
Frequent Advisor

Re: disabling user account expiry

The following attributes, defined in /etc/default/security, apply to shadow
passwords. See Section 2.5 and consult the security(4) manpage for more information.
â ¢ INACTIVITY_MAXDAYSâ Number of days before expiring an account for inactivity.
â ¢ PASSWORD_MINDAYSâ Minimum number of days before a password can be
changed.
â ¢ PASSWORD_MAXDAYSâ Maximum number of days that passwords are valid.
â ¢ PASSWORD_WARNDAYSâ Number of days before warning users of password
expiration.