System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

user must change password at first logon

SOLVED
Go to solution
Maaz
Valued Contributor

user must change password at first logon

help ?
7 REPLIES
Ivan Ferreira
Honored Contributor

Re: user must change password at first logon

chage -d 0

See also:

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1237877
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Maaz
Valued Contributor

Re: user must change password at first logon

Hi Ivan thanks for help.

we have two issues/demands

1, user must change password at first logon
solution: chage -d 0

OK, done.

2, at 15th of every month each user password must expires, and every user must have to change his/her password

regards
maaz
Jeeshan
Honored Contributor

Re: user must change password at first logon

Maaz
Valued Contributor

Re: user must change password at first logon

Hi ahsan, thanks for help.

using /etc/login.defs alone, is not the solution .. because if a user has changed his/her password on 8th .. his/her password wont expires on 15th of that month.

what i need is that at 15th of each month every user must has to change his/her password.. or password must expires on 15th of every month for ever user.

I think it will be done by a script... am i right ? if yes then please share the code ;)

Regards
Ivan Ferreira
Honored Contributor
Solution

Re: user must change password at first logon

With chage you can also specify a maximum password life, for example, 30 days. If you want to exactly do it every 15, for some extrange reson, then yes, you must script it.

Also, think about your users, changing passwords each month can be problematic, even for your administrators/help desk support.

Anyway, you can run in cron something like:

for USER in $( awk -F ":" '$3 > 500 { print $1 }' /etc/passwd)
do
chage -d 0 $USER
done

This will force all users with UID > 500 to change their passwors.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Maaz
Valued Contributor

Re: user must change password at first logon

Hi Ivan, thanks for help.
yes this is a strange issue, but this the customers requirement.

does this also works with ldap server ? i.e does "chage -d 0 " will also expires the password of ldap users/accounts ?

I am asking this question becuase the customer is asking about migration from NIS to LDAP domain...

Regards,
Maaz
Ivan Ferreira
Honored Contributor

Re: user must change password at first logon

does this also works with ldap server ?
According to "man chage", you can specify a binDN, that is, information to modify a LDAP directory server.

And tell your customer that should forget about NIS at this time.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?