HPE Community
Operating System - HP-UX
1820041 Members
3282 Online
109608 Solutions
New Discussion юеВ

Re: HPUX 11.0: Trusted Systems Password Expiration

 
SOLVED
Go to solution
LG Porter
Frequent Advisor

тАО07-15-2003 06:16 AM

тАО07-15-2003 06:16 AM

HPUX 11.0: Trusted Systems Password Expiration

I have several HP 9000 Servers that are presently configured as "Trusted" systems. On each system there is a large number of users defined thus there maxage parameter for their userid is set to 26 weeks. Questions: A) If I set them back to 13 weeks, will many users potentially get their passwords expired? B) Is there anyway to change this parameter for all users on the systems for NON trusted systems? (Is there a global file to edit or is SAM the only way this can be changed? Is there a command that can be used from the command line...? Could operation be scripted as to automated this process?)
0 Kudos
Reply
4 REPLIES 4
Tyler Easterling
Advisor

тАО07-15-2003 08:37 AM

тАО07-15-2003 08:37 AM

Solution

Re: HPUX 11.0: Trusted Systems Password Expiration

A) If I set them back to 13 weeks, will many users potentially get their passwords expired?

I would say that the odds are good that a good portion of your users will have expired passwords. You might try first disabling password aging in SAM and then enable for 13 weeks. I think that will reset the experation time frame.

B) Is there anyway to change this parameter for all users on the systems for NON trusted systems? (Is there a global file to edit or is SAM the only way this can be changed?
Not for 11.00.
Is there a command that can be used from the command line...?
Yes, passwd
Could operation be scripted as to automated this process?
Yes:

#!/sbin/sh

MINDAYS=7
MAXDAYS=91

for user in `awk '{ FS=":"; print $1 }' /etc/passwd`
do
passwd -r files -n $MINDAYS -x $MAXDAYS $user
done
Reply
Steven E. Protter
Exalted Contributor

тАО07-15-2003 08:55 AM

тАО07-15-2003 08:55 AM

Re: HPUX 11.0: Trusted Systems Password Expiration

Keep in mind that the script in the first response will round the number of days to the nearest week.

Setting the users back 13 weeks is bound to expire them if, any user less than 13 weeks from a password change.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
F Verschuren
Esteemed Contributor

тАО07-15-2003 11:04 PM

тАО07-15-2003 11:04 PM

Re: HPUX 11.0: Trusted Systems Password Expiration

before changing the timestamps just reset the time the passwd was changed manualy:
/usr/lbin/modprpw -v [username]
when using this comand in the
/tcb/files/auth/[a-z]/[uername] file
u_succhg wil be changed to today.

Kind regards Freek
Reply
Rajeev Shukla
Honored Contributor

тАО07-15-2003 11:29 PM

тАО07-15-2003 11:29 PM

Re: HPUX 11.0: Trusted Systems Password Expiration

Hi,
Yes if you use SAM it will reset all the accounts but you will get a chance to change the password. So when the user next time logs in he will be asked to change the password.

Or the alternate way is to manually change the parameter called :u_succhg# in /tcb/files/auth/[a-z]/
and reset all accounts passwd change to todays date.

using modprpw
if its 11.11 system you have man pages for modprpw
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.