HPE Community
Operating System - HP-UX
1835217 Members
2345 Online
110078 Solutions
New Discussion

Re: Password help

 
SOLVED
Go to solution
Anthony khan
Frequent Advisor

‎02-27-2002 05:21 AM

‎02-27-2002 05:21 AM

Password help

Hi Everyone,

I want all user to change their password when they login next time, Any suggestion or anyone have any script to do this job, I was thinking to get the user name from /etc/passwd and run passwd -f, but I don't wanna change the passwd for root etc. Thanks in advance.Note this is not a trusted system

Anthony
0 Kudos
Reply
10 REPLIES 10
harry d brown jr
Honored Contributor

‎02-27-2002 05:27 AM

‎02-27-2002 05:27 AM

Solution

Re: Password help

Anthony,

Write a little awk script to go through the passwd file and set the "-f" option per each user.

live free or die
harry
Live Free or Die
Reply
John Strang
Regular Advisor

‎02-27-2002 05:35 AM

‎02-27-2002 05:35 AM

Re: Password help

Hi Anthony,

You can write a quick script to run passwd -f for a list of users

Run
cut -d : f1 /etc/passwd > /tmp/userlist

This will create /tmp/userlist as a list of usernames from /etc/passwd

Then edit /tmp/userlist so that it contains only those usernames that you want to change passwords

Then run
for i in ??cat /tmp/userlist??
do
passwd -f $i
done

This will run passwd -f for each entry in the /tmp/userlist file

HTH,

John
If you never make a mistake you'll never make anything.
Reply
harry d brown jr
Honored Contributor

‎02-27-2002 05:36 AM

‎02-27-2002 05:36 AM

Re: Password help

Anthony,

Here's a quick script:

cat /etc/passwd | awk -F: '{if ($3 > 100) system("passwd -f "$1)}'

Change the "if" and "100" if "100" is not the lowest account you don't want to change.

live free or die
harry
Live Free or Die
0 Kudos
Reply
S.K. Chan
Honored Contributor

‎02-27-2002 06:42 AM

‎02-27-2002 06:42 AM

Re: Password help

Implementing password aging can also help by which you don't need a script to do this.
Reply
Helen French
Honored Contributor

‎02-27-2002 07:22 AM

‎02-27-2002 07:22 AM

Re: Password help

Hi Anthony,

Two options:

1) Enable password aging through SAM
2) Set -f option.

# passwd -f "acct_name"

HTH,
Shiju
Life is a promise, fulfill it!
Reply
Anthony khan
Frequent Advisor

‎02-27-2002 07:30 AM

‎02-27-2002 07:30 AM

Re: Password help

Thanks for response guys, sorry there is a problem in assigning points, I'll do it later.

Chan & Shiju,

If Enabling password aging do I have to make the system trusted, IF yes then this is a production box, is there any precaution I have to take.

Thanks to all again
0 Kudos
Reply
Rodney Hills
Honored Contributor

‎02-27-2002 07:35 AM

‎02-27-2002 07:35 AM

Re: Password help

Password aging doesn't require a trusted system.

If you do go trusted, be careful with NIS (aka yellow pages), as it doesn't work with trusted systems.

-- Rod Hills
There be dragons...
Reply
Helen French
Honored Contributor

‎02-27-2002 07:52 AM

‎02-27-2002 07:52 AM

Re: Password help

Hi Anthony,

Yes, you need to convert your system to Trusted mode inorder to enable pasword aging functions. You can do these through SAM.

Making system trusted has advantages and some disadvantages ( like NIS). See this guide for trusted systems:

http://www.docs.hp.com/hpux/onlinedocs/B2355-90121/B2355-90121.html

Also check this thread for some more information:

http://us-support3.external.hp.com/cki/bin/doc.pl/sid=bd9e15760b1142a5d4/screen=ckiDisplayDocument?docId=200000058669369

HTH,
Shiju
Life is a promise, fulfill it!
0 Kudos
Reply
Rodney Hills
Honored Contributor

‎02-27-2002 07:58 AM

‎02-27-2002 07:58 AM

Re: Password help

I did a test on my non-trusted system and was able to enter

passwd -f -x 7 joeuser

When joeuser logged on, the system requested a new password, and it made an entry in /etc/passwd to indicate a max time of 7 days.

Far as I can tell (and the man page for passwd), you don't need a trusted system.

-- Rod Hills
There be dragons...
0 Kudos
Reply
Helen French
Honored Contributor

‎02-27-2002 08:06 AM

‎02-27-2002 08:06 AM

Re: Password help

Hi Rod,

When you invoke SAM-Auditing and security-System security policies-Password aging policies, the system will force you to make the system trusted.

The '-f' option with passwd command deosn't require a trusted system. In the man pages of passwd:

A superuser can modify password aging characteristics associated with the user name using the following options - " -d, -f, -l, -x"

Also the -w needs the system to be trusted.

HTH,
Shiju
Life is a promise, fulfill it!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.