HPE Community
Operating System - HP-UX
1825802 Members
2479 Online
109687 Solutions
New Discussion

Re: Password expiration email notification

 
Linda Stanley
New Member

‎07-25-2003 06:11 AM

‎07-25-2003 06:11 AM

Password expiration email notification

Hello and thanks for your help!
I am an end-user working on a 6Sigma project to improve how users are notified of pending password expirations.

We want to email users, to an external email system such as Lotus Notes, notification of their impending password expirations. This would allow them to be pro-active about maintaining their passwords without sys admin intervention.

The unix group wants to implement this procedure but has been too busy to research how to do it. They have welcomed the HP forum information I have found about how to find the expiration information, but the sample scripts don't paint a complete picture of creating such an automated system.

So, here I am!

I know I am asking for alot, but I do need each step outlined clearly.

The system details are below:
There are a minimum of two unix boxes to implement this on:

HP-UX csg0012 B.11.11 U 9000/869 (tb)
HP-UX csg0006 B.10.20 A 9000/889 (ttyp1)

They are both trusted systems.
The admins use SAM for their user id setups.

Thanks for your time and effort in helping achieve a better system and a qualified specialist!
0 Kudos
Reply
4 REPLIES 4
Steven E. Protter
Exalted Contributor

‎07-25-2003 06:22 AM

‎07-25-2003 06:22 AM

Re: Password expiration email notification

If your system is trusted there is a feature notifying users x number of days prior to expiration that they will need to change their password. It shows up right after login.

If you want to expand on that you will probably have to do this:

read through the /etc/passwd file with an awk script. When you find a user closer than X days to expiration you can send them an email.

You will need to set up your sendmail.cf file to relay the mail

Change

DS

to

DS
[IP_address_of_mail_relay_server]

save the file

/sbin/init.d/sendmail stop
/sbin/init.d/sendmail start

I'm attaching a mailer script that might help you out.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Darren Prior
Honored Contributor

‎07-25-2003 07:49 AM

‎07-25-2003 07:49 AM

Re: Password expiration email notification

Hi,

It sounds like you already have the scripts to find the expiration date, if they don't calculate how far away the date actually is then you'll benefit from A. Clay Stephenson's caljd.sh script.

The way forward is then to have a cron job running at some convenient idle time in the night that runs through the passwd file, pulls the expiration date for each user, calculates how far in the future the date is - then fires off an email if it's within 5 days (or whatever) of expiry.

regards,

Darre
Calm down. It's only ones and zeros...
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

‎07-25-2003 07:56 AM

‎07-25-2003 07:56 AM

Re: Password expiration email notification

If you have folks that know C, and you want some decent sophistication, have the folks "man getprpwent". getprpwent interrogates the protected password database.

Included in this database are these fields of interest:

fd_expire; /* expiration time duration in secs */
fd_lifetime; /* account death duration in seconds */
fd_pw_expire_warning; /* password expiration warning */
0 Kudos
Reply
Linda Stanley
New Member

‎07-25-2003 08:16 AM

‎07-25-2003 08:16 AM

Re: Password expiration email notification

Thank you for your responses. I will send the unix people this information.

If they have any questions, I will post them for further help.

Thanks so much for the quick response!

-Linda
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.