HPE Community
Operating System - HP-UX
1752778 Members
6020 Online
108789 Solutions
New Discussion юеВ

Re: implementing password aging on my 11.31 trusted servers

 
SOLVED
Go to solution
PamelaJThrasher
Regular Advisor

тАО02-24-2009 11:05 AM

тАО02-24-2009 11:05 AM

implementing password aging on my 11.31 trusted servers

Hello-
I am going to be implementing password aging on my 11.31 trusted servers. There are several system and application accounts that I do not want to have their passwords expire. I am planning to run the following command against the accounts whose passwords I do not want to expire:

/usr/lbin/modprpw -m mintm=0,exptm=0,expwarn=0,lftm=0,llog=0

Do I need to run this for the root account to keep my root password from expiring?

Thanks in advance
0 Kudos
6 REPLIES 6
Steven E. Protter
Exalted Contributor

тАО02-24-2009 12:29 PM

тАО02-24-2009 12:29 PM

Solution

Re: implementing password aging on my 11.31 trusted servers

Shalom,

Easiest thing to do is run the sam replacement, smh, choose accounts and disable password aging.

You do need to run this command against root to prevent aging.

However that might cause you to fail a security audit.

Note also that trusted system is deprecated, will not be used in 11iv4 HP-UX. There are alternatives you might want to consider available on http://software.hp.com

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
PamelaJThrasher
Regular Advisor

тАО02-24-2009 12:43 PM

тАО02-24-2009 12:43 PM

Re: implementing password aging on my 11.31 trusted servers

Thank you for the great information.

If an password expires, will the account then also be locked? Or will it just prompt the user to change the password?
0 Kudos
melvyn burnard
Honored Contributor

тАО02-24-2009 01:20 PM

тАО02-24-2009 01:20 PM

Re: implementing password aging on my 11.31 trusted servers

With 11iv3 you could also look at SMSE Standard Mode Security Extensions.
This allows individual security settings to be applied on a per user basis without going to Trusted mode.
My house is the bank's, my money the wife's, But my opinions belong to me, not HP!
0 Kudos
Johnson Punniyalingam
Honored Contributor

тАО02-24-2009 09:03 PM

тАО02-24-2009 09:03 PM

Re: implementing password aging on my 11.31 trusted servers

>>If an password expires, will the account then also be locked? Or will it just prompt the user to change the password?<<

Yes, Your account will be locked.

You need enable the account, Than try login than only It will prompt the user to Change the password

Thkx,
Johnson
Problems are common to all, but attitude makes the difference
0 Kudos
Johnson Punniyalingam
Honored Contributor

тАО02-24-2009 09:05 PM

тАО02-24-2009 09:05 PM

Re: implementing password aging on my 11.31 trusted servers

Do I need to run this for the root account to keep my root password from expiring?

Yes,

yo enable the locked account.

/usr/lbin/modprpw -k

Thanks,
Johnson
Problems are common to all, but attitude makes the difference
0 Kudos
PamelaJThrasher
Regular Advisor

тАО02-25-2009 04:37 AM

тАО02-25-2009 04:37 AM

Re: implementing password aging on my 11.31 trusted servers

.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.