Operating System - HP-UX
1834156 Members
2813 Online
110064 Solutions
New Discussion

Password expiration and POP server

 
enrico.nic
Regular Advisor

Password expiration and POP server

Hi

Due to an almost recent italian law, I need to let all the passwords on my HP-UX 11.11 system expire at a (maximum) period of 90 days.
About the system password, I can easily restrict the password policies through SAM.
About Samba logins, now the users are validating through an NT server, so there isn'y any problem about the password expiration time; although I can probably sync the samba passwords with the sys passwords, and the problem should be solved even if remaining on the unix side.
The problem comes out with the POP server: I have the qualcomm's POP server installed, but I cannot see how to deny the user's POP logon after the password expiration.

Can anybody please help me ?

Thank you

Enrico
3 REPLIES 3
Wayne Patton_1
Advisor

Re: Password expiration and POP server

The pop server software we use, uses the login passwd combination of the users login account. Does your Qualcomm software not use the system login/passwd for the user?

If it did, it sounds like you are already covered . . ??

wayne
Steven E. Protter
Exalted Contributor

Re: Password expiration and POP server

Most pop servers use the login authentication of the system.

The default for HP-UX is /etc/passwd

That being the case when the user id expires, the pop access expires.

You can be assured of this by switching to qpopper which is designed to work with HP-UX.

If these users are authenticating to NIS, ldap or windows you may have an issue, but pop software uses default system authentication.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
enrico.nic
Regular Advisor

Re: Password expiration and POP server

Hi

I have QPopper version 4.0.8 installed.
I tried

# passwd -f username

to require a new password on the new login.

But trying to telnet directly on the POP port I obtain:
# telnet 127.0.0.1 110
Trying...
Connected to myhost.marionegri.it.
Escape character is '^]'.
+OK Qpopper (version 4.0.8) at myhost.marionegri.it starting. <5765.1132175845@myhost.marionegri.it>
USER username
+OK Password required for username.
PASS xxxxxxx
+OK username has 0 visible messages (0 hidden) in 0 octets.

So the logon is allowed.