HPE Community
Operating System - HP-UX
1834249 Members
1967 Online
110066 Solutions
New Discussion

Re: how to lock and unlock a user account in batch mode

 
sheevm
Regular Advisor

‎03-02-2005 04:16 AM

‎03-02-2005 04:16 AM

how to lock and unlock a user account in batch mode

Hi!

I want to lock one user ID during night time and unlock it on a request basis during daytime. I want to do this via cron. Can someone give me some tips how I can acheive this?

Thanks in Advance

Raj
be good and do good
0 Kudos
Reply
7 REPLIES 7
Pete Randall
Outstanding Contributor

‎03-02-2005 04:22 AM

‎03-02-2005 04:22 AM

Re: how to lock and unlock a user account in batch mode

You can use the "passwd -l" command to lock an account - see "man passwd".


Pete

Pete
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎03-02-2005 04:25 AM

‎03-02-2005 04:25 AM

Re: how to lock and unlock a user account in batch mode

If this is a trusted system, it's rather easy. You should have a cronjob that runs daily to lock the account. That is nothing more than a passwd -l user.

You then can issue an explicat command to unlock the account via modprpw -k user.

Since you didn't bother to identify the OS, Trusted/Nontrusted NIS/NIS+/LDAP, it's hard to answer specifically.
If it ain't broke, I can fix that.
0 Kudos
Reply
sheevm
Regular Advisor

‎03-02-2005 04:27 AM

‎03-02-2005 04:27 AM

Re: how to lock and unlock a user account in batch mode

Sorry. O.S is 11.0 and nontrusted system.
be good and do good
0 Kudos
Reply
sheevm
Regular Advisor

‎03-02-2005 04:50 AM

‎03-02-2005 04:50 AM

Re: how to lock and unlock a user account in batch mode

Hi Peter,

O.S LEVEL IS 11.0 AND THIS IS UNTRUSTED SYSTEM.

I see in MAN pages a way to lock the account.

How do I unlock the account in a way the user can use the same passoword to login again?
be good and do good
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎03-02-2005 04:54 AM

‎03-02-2005 04:54 AM

Re: how to lock and unlock a user account in batch mode

Raj,

All the "passwd -l" command does is replace the password with an asterisk, thus locking the account. In order to unlock it, I think you would have to reset the passwd with the "passwd USERNAME" command.


Pete

Pete
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎03-02-2005 04:59 AM

‎03-02-2005 04:59 AM

Re: how to lock and unlock a user account in batch mode

I just tried this on a test account and resetting the passwd does unlock the account.


Pete

Pete
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎03-02-2005 06:13 AM

‎03-02-2005 06:13 AM

Re: how to lock and unlock a user account in batch mode

Since this is an untrusted system, passwd -l replaces the passwd hash with '*' so that the process is not reversible. What I would do to lock the account is write a Perl or awk script. A valid passwd hash is EXACTLY 13 characters in length. To lock the account, I would prepend a '*' to the valid passwd hash making it an impossible hash. To unlock it, you could then remove this extra '*' leaving the valid passwd hash in place.
If it ain't broke, I can fix that.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.