Solved: forcing password aging - today is day one

RobertCarback · ‎02-14-2008

HP-UX 11iv2 (IA64)
How do I force all users to be on a 42 day pasword aging policy starting today?

Paul Sperry · ‎02-14-2008

your system will have to be trusted

sam
Auditing ans security
System Security Policies.

Then you can set password aging.

RobertCarback · ‎02-14-2008

it's already trusted. I'm saying that if today I change the aging policy from the current setting of 56 days to 42 days will all users begin the 42 day count today?

Tim Nelson · ‎02-14-2008

The supported way would be to select "expire all users passwords" option.

All users would have to change their pw after this.

Paul Sperry · ‎02-14-2008

the 42 day age is the age since the last sucessful password change. So to answer you question. No they will not all expire in 42 days. You could use

modprpw -E

This option is specified WITHOUT a user name to expire all user's
passwords. It goes through the protected password database and
zeroes the successful change time of all users. The result is
all users will need to enter a new password at their next login.

RobertCarback · ‎02-14-2008

thanks all

forcing password aging - today is day one

forcing password aging - today is day one

Re: forcing password aging - today is day one

Re: forcing password aging - today is day one

Re: forcing password aging - today is day one

Re: forcing password aging - today is day one

Re: forcing password aging - today is day one