HPE Community
Operating System - HP-UX
1834696 Members
2122 Online
110069 Solutions
New Discussion

Reset all userid simultaneous

 
Sarah Mokwana
Occasional Advisor

‎04-24-2001 12:45 AM

‎04-24-2001 12:45 AM

Reset all userid simultaneous

The customer has a trusted system with more than 200 users. He wants to know if the is a command or a way that he can reset all 200 userid simultaneously, so that each time they login the system prompt for a new password. Cu knows that through SAM you can do that but one userid at a time and cu cannot manage to that a user at a time.He needs a command that can bundle all users(e.g on SAM->users..then you select the userid and set the permission you want on password option)so su does not want to do as per SAM.
You are the star in your own category,shine as high as you can
0 Kudos
Reply
5 REPLIES 5
Barry O Flanagan
Respected Contributor

‎04-24-2001 01:17 AM

‎04-24-2001 01:17 AM

Re: Reset all userid simultaneous

Heres a little awk script that should reset each of the users in /etc/passwd one by one :

awk -F: '{ print "passwd -f " $1 }' /etc/passwd | sh

0 Kudos
Reply
Barry O Flanagan
Respected Contributor

‎04-24-2001 01:22 AM

‎04-24-2001 01:22 AM

Re: Reset all userid simultaneous

Of course this will only expire all the users passwords so they have to enter a new password when the login again! It won't actually 'set' the users passwords for them.
0 Kudos
Reply
Junior C.
Frequent Advisor

‎04-24-2001 06:29 AM

‎04-24-2001 06:29 AM

Re: Reset all userid simultaneous

Sarah,

You can run the following command cut -d : f1 /etc/passwd > "users login id"
edit the file, deleting root bin sys oracle etc.
Then run for loop on "user login id" file to force all users to change password on next login.
0 Kudos
Reply
Vincenzo Restuccia
Honored Contributor

‎04-24-2001 07:05 AM

‎04-24-2001 07:05 AM

Re: Reset all userid simultaneous

You can see:
usermod [-u uid [-o] ] [-g group] [-G group [, group...]] [-d dir [-m] ] [-s shell] [-c comment] [-f inactive] [-l new_logname] [-e expire] login

0 Kudos
Reply
Wieslaw Krajewski
Honored Contributor

‎04-24-2001 11:44 AM

‎04-24-2001 11:44 AM

Re: Reset all userid simultaneous

Hi,

As I've uderstood well, Sarah mentioned trusted system,
what means C2 security level. If so, all valid information about accounts and passwords is stored in files in
/tcb/files/auth/[A-Za-z].
For example info about user account bill is stored in the file /tcb/files/auth/b/bill

As concerns password aging in such file it is neceesary to define parameters as in the example below:

u_minchg#0:u_exp#0:u_life#86400:u_succhng#0:
where
u_minchg#0 means that password can be change immediately
u_exp#0 means that password is valid 0 days (exactly seconds)
u_life#86400 means the password life time equal to 1 day or 86400 seconds
u_succhng#0 means that the password should be changed at the next login.
This last parameter changes value to sth much more than 0 after changing password by user. And according to man 4 prpwd is not recommended to be changed manually.
But I did it and it works.
So to conclude, Sarah you should write a script, shell script for example to include such line or modify this line if already included for respective files for all users.
Seems to be not too difficult, but takes some time especially for testing.

Hpe this short explanation helps to take right decision.
Rgds.
Permanent training makes master
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.