HPE Community
Operating System - HP-UX
1825776 Members
2118 Online
109687 Solutions
New Discussion

How to force a user to change passwd?

 
larryccccc
Occasional Contributor

‎06-11-2002 12:39 AM

‎06-11-2002 12:39 AM

How to force a user to change passwd?

I want to force user1 to change his password every 2 days. How to do it by command or SAM(In sam,weeks is used)
Thanks.
0 Kudos
Reply
12 REPLIES 12
Bill McNAMARA_1
Honored Contributor

‎06-11-2002 12:43 AM

‎06-11-2002 12:43 AM

Re: How to force a user to change passwd?

That sounds sheerly annoying ;)

These links should help:
passwd -f will force a change at next login, you could add that to cron:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x70a983667c40d4118feb0090279cd0f9,00.html

Later,
Bill
It works for me (tm)
0 Kudos
Reply
Bill McNAMARA_1
Honored Contributor

‎06-11-2002 12:46 AM

‎06-11-2002 12:46 AM

Re: How to force a user to change passwd?

oops, misread that post. -f is for linux! Well a solution is there in any case!

Later,
Bill
It works for me (tm)
0 Kudos
Reply
Alexander M. Ermes
Honored Contributor

‎06-11-2002 12:46 AM

‎06-11-2002 12:46 AM

Re: How to force a user to change passwd?

Hi there.
You can do this with the tool SAM.
- Accounts for Groups and Users
- Users
- highlight the user with the space bar
- Action
- Modify
- Modify password options

Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
Fabrice Meynard
Frequent Advisor

‎06-11-2002 12:47 AM

‎06-11-2002 12:47 AM

Re: How to force a user to change passwd?

Hello,
it should be passwd -x 2 user

regards
Fabrice
0 Kudos
Reply
Bill McNAMARA_1
Honored Contributor

‎06-11-2002 12:47 AM

‎06-11-2002 12:47 AM

Re: How to force a user to change passwd?

from man passwd: (no need of cron!)

-x max Determine the maximum number of days, max, a password
can remain unchanged. The user must enter another
password after that number of days has transpired,
known as the password expiration time.


Later,
Bill
It works for me (tm)
0 Kudos
Reply
Frederic Sevestre
Honored Contributor

‎06-11-2002 12:49 AM

‎06-11-2002 12:49 AM

Re: How to force a user to change passwd?

Hi,

You can edit the /etc/passwd (using vipw) and add ",.." at the end of the password field.

exemple :

fred:Brjq6jlN.k/3A:113:20:,,,:/home/fred:/usr/bin/sh

fred:Brjq6jlN.k/3A,..:113:20:,,,:/home/fred:/usr/bin/sh

Fr??d??ric




Crime doesn't pay...does that mean that my job is a crime ?
0 Kudos
Reply
Nick Wickens
Respected Contributor

‎06-11-2002 12:53 AM

‎06-11-2002 12:53 AM

Re: How to force a user to change passwd?

I created the attached script to do this - just change the EXPIRE parameter to 2 days.

Theres a temp step in there you can comment back in that lets you gradually change the expiry (saves getting loads of calls in one day from users that can't handle changing their own password) - just comment in the case statements over a few days.

I have never been happy with the date scripting at the end of this so you might want to double check it.
Hats ? We don't need no stinkin' hats !!
0 Kudos
Reply
larryccccc
Occasional Contributor

‎06-11-2002 01:07 AM

‎06-11-2002 01:07 AM

Re: How to force a user to change passwd?

Thanks for your rapid replies. I've got another question. when I uses "#passwd -x 2 user1" to do that job,something added to the password field. Can you tell me what's the meaning of it. And how can I to edit it directly to force changing password?
0 Kudos
Reply
Fabrice Meynard
Frequent Advisor

‎06-11-2002 02:40 AM

‎06-11-2002 02:40 AM

Re: How to force a user to change passwd?

To force user1 to change password at next login, in /etc/passwd at line of user1, modify first argument :
user1:,..:
after second ":" don't change anything.

When using passwd -x 2 user1, you will have :
user1:XXXXX,/.QO:

You can test with a test user. Simple to reproduce.

Hope this helps.

Fabrice
0 Kudos
Reply
Rajshree Shinde
Occasional Advisor

‎06-11-2002 02:45 AM

‎06-11-2002 02:45 AM

Re: How to force a user to change passwd?

In case if it is a trusted system-use modprpw -e/-E user

Regards,
There is always a way
0 Kudos
Reply
Darrell Allen
Honored Contributor

‎06-12-2002 01:00 PM

‎06-12-2002 01:00 PM

Re: How to force a user to change passwd?

For the meaning of the characters added to the hashed password field in /etc/passwd, see man 4 passwd. Look for the info concerning password aging.

If you are not using trusted systems, password aging will only be done in weeks, not days. I believe the day of week for password changes due to expiration is always Thursday (don't know this for sure - seem to remember reading about it somewhere).

I wouldn't edit the aging info directly. I'd use the passwd command (or modprpw).

Bill was right in his first post (at least on my 11.0 non-trusted system): "passwd -f loginid" will require the user to change his password the next time he logs in.

As far as requiring the user to change his password every 2 days on a non-trusted system, you'd need a cron job that did some type of date math to determine if it is every other day. Clay Stephenson's caljd.sh or caljd.pl should do the trick. Search the forums and you'll find numerous references to caljd.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
Martin Johnson
Honored Contributor

‎06-12-2002 01:13 PM

‎06-12-2002 01:13 PM

Re: How to force a user to change passwd?

Why would you want to force a user to change the password every two days? That makes it harder to remember the current password. When a password is hard to remember, the user is more likely to write it down - with the overall effect of making the system less secure.

My $.02
Marty
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.