HPE Community
Operating System - HP-UX
1825605 Members
2949 Online
109682 Solutions
New Discussion

Password expired on a user with aging disabled...

 
SOLVED
Go to solution
Jonathan Caplette_1
Super Advisor

‎03-31-2009 06:41 AM

‎03-31-2009 06:41 AM

Password expired on a user with aging disabled...

Hi guys,

I've a user that is password have expired, even if is password aging is disabled, account lifetime is infinite, etc etc etc...

It's a HP-UX 11.11 trusted system...

How can I fix this?

Thanks
0 Kudos
5 REPLIES 5
Jonathan Caplette_1
Super Advisor

‎03-31-2009 06:44 AM

‎03-31-2009 06:44 AM

Re: Password expired on a user with aging disabled...

Here is the result of the getprpw and the content on tcb file

# /usr/lbin/getprpw paprda
uid=50132, bootpw=NO, audid=28, audflg=1, mintm=0, maxpwln=-1, exptm=-1, lftm=0, spwchg=Tue Dec 30 14:45:29 2008, upwchg=Tue Dec 30 14:40:02 2008, acctexp=-1, llog=0, expwarn=0, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Tue Mar 31 10:05:34 2009, ulogint=Tue Mar 31 09:41:09 2009, sloginy=-1, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=0000000

# more paprda
paprda:u_name=paprda:u_id#50132:\
:u_pwd=gm80uEkdMwEWE:\
:u_auditid#28:\
:u_auditflag#1:\
:u_minchg#0:u_life#0:u_succhg#1230666329:u_unsucchg#1230666002:\
:u_llogin#0:u_pw_expire_warning#0:u_pswduser=paprda:u_suclog#1238508334:\
:u_unsuclog#1238506869:u_lock@:chkent:

0 Kudos
Jonathan Caplette_1
Super Advisor

‎03-31-2009 07:07 AM

‎03-31-2009 07:07 AM

Re: Password expired on a user with aging disabled...

OK I found out that modprpw -l -v resets the expiry to the present date... It solve it for now...

But I can't still find out why it expired with the aging disabled...
0 Kudos
Steven E. Protter
Exalted Contributor

‎03-31-2009 07:08 AM

‎03-31-2009 07:08 AM

Re: Password expired on a user with aging disabled...

Shalom,

For 11.11 the best thing to do is select the user with sam, set things the way you want.

You can edit the pwd entry in the post above, null out the password and run the passwd command to set a new password on the user.

Also check /etc/default/security

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Ganesan R
Honored Contributor

‎03-31-2009 07:08 AM

‎03-31-2009 07:08 AM

Solution

Re: Password expired on a user with aging disabled...

Hi Jonathan,

First thing is,

If the values for exptm, lftm, mintm, and expwarn are equal to -1, this means that the user is using the system security policy options defined in SAM.

If password aging is disabled, all above parameters are set to 0.

Need to check that one first.

Use this command.

#/usr/lbin/modprpw -m exptm=0,lftm=0,expwarn=0,mintm=0 paprda

This means password aging is disabled for user test. Changing the system security options will not have an impact on the user, even when enabling the password aging at the system level


Best wishes,

Ganesh.
0 Kudos
Jonathan Caplette_1
Super Advisor

‎03-31-2009 09:50 AM

‎03-31-2009 09:50 AM

Re: Password expired on a user with aging disabled...

Thanks guys... I'll have a check on those settings...
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.