- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: password aging policies in HP-UX
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2009 02:40 AM
тАО03-31-2009 02:40 AM
Re: password aging policies in HP-UX
Without converting to a trusted system , the password aging policies dont work, except the changes which you can do with /etc/passwd file for the non-trusted systems.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2009 02:40 AM
тАО03-31-2009 02:40 AM
Re: password aging policies in HP-UX
Fisrt check that your system is in trusted mode or not.
If not then -
#sam> Press "Return" to continue> Auditing and Security> System Security Policies> (Do you want to convert to a Trusted System now?)Press on Yes> ok> Select [Password Aging Policies]> Enable the Password Aging:> then change the value as per your requirement.
Thnx...Farhan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2009 02:45 AM
тАО03-31-2009 02:45 AM
Re: password aging policies in HP-UX
#sam> Press "Return" to continue> Auditing and Security> System Security Policies> Select [Password Aging Policies], from here you can check password aging plocies.
Thnx...Farhan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2009 03:18 AM
тАО03-31-2009 03:18 AM
Re: password aging policies in HP-UX
Other than the expiration time and the minimum time before another password change can be made, there are no other password controls available on your system. The /etc/default/security file must be created by you but read the man page for security. There just a couple of options that will work -- all the others will be ignored until you convert to a Trusted System. Depending on your version of HP-UX, you may also choose Shadow Password protection or Security Enhancement/Containment.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-25-2009 09:09 AM
тАО06-25-2009 09:09 AM
Re: password aging policies in HP-UX
Just now i converted my hpux in to trusted mode using SAM.
Now i am able to find the folder "/tcb/files/auth"
My problem is just now i have created one user, i am not able to change the password for that user.
Ex:
# useradd sentest
# passwd sentest
Password cannot be changed. Reason: Cannot access protected password entry.
I am getting the above error.
And i am not able to run the command "getprpw".
Ex:
root@lgsna:/tcb/files/auth/r > getprpw sentest
sh: getprpw: not found.
root@lgsna:/tcb/files/auth/r > usr/lbin/getprpw sentest
sh: usr/lbin/getprpw: not found.
My questions:
1) How to set / reset the password when server is at trusted mode.
2) How to get the command "getprpw".
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-25-2009 10:13 AM
тАО06-25-2009 10:13 AM
Re: password aging policies in HP-UX
"# /usr/lbin/getprpw test"
-and you did-
"root@lgsna:/tcb/files/auth/r > getprpw sentest
sh: getprpw: not found."
do *you* see the difference? do you know at least 2 ways to correct the issue?
hint: what's your path?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-25-2009 10:20 AM
тАО06-25-2009 10:20 AM
Re: password aging policies in HP-UX
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2009 04:48 AM
тАО06-29-2009 04:48 AM
Re: password aging policies in HP-UX
i have converted my system into trusted.
I would like to practice all the features of trusted system like "getprpw", "modprpw",
"configuring /etc/defaults/security", "password aging policies" and "auditing".
So i need best guide (pdf / html) to practice above things.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2009 04:54 AM
тАО06-29-2009 04:54 AM
Re: password aging policies in HP-UX
I trust (no pun intended) that you realize that Trusted Sysem security is deprecated with 11.31 and that the 11.31 release is the last that will support it.
In my opinion, you would be in a better postion to convert to a shadow implementation and begin to explore the evolving features built upon that.
http://docs.hp.com/en/5992-3387/index.html
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2009 06:02 AM
тАО06-29-2009 06:02 AM
Re: password aging policies in HP-UX
/usr/lbin/getprpw test
This and the associated comands will work on a trusted system.
passwd -sa will provide you a good report and flag users that have not logged in and changed their passwords recently.
Trusted system is as JRF notes orphan technology, and you may wish to study alternatives so that your future HP-UX 11 v 4 systems will work with older systems.
Shadow password is available from http://software.hp.com and may be built into 11.31. Shadow password is based on Linux which will make it easier not to remember two different rule sets when dealing with multi platform systems.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com