HPE Community
Operating System - HP-UX
1833053 Members
2802 Online
110049 Solutions
New Discussion

Re: Setting expiry dates for users (user ids) in hpux.

 
SOLVED
Go to solution
senthil_kumar_1
Super Advisor

‎10-13-2009 09:31 AM

‎10-13-2009 09:31 AM

Setting expiry dates for users (user ids) in hpux.

Hi All,

I am using HPUX 10.20, 11.00 and 11.11, all are running in standard mode.

How to set the expiry dates for users (user ids).

0 Kudos
Reply
12 REPLIES 12
TTr
Honored Contributor

‎10-13-2009 09:41 AM

‎10-13-2009 09:41 AM

Re: Setting expiry dates for users (user ids) in hpux.

I would like to be able to set expiry dates for *some* of my users but if you are asking about passwords, you use the passwd -f -n -w -x options with the appropriate values (in # of weeks). If you have a lot of users, you either run he passwd command in a script or do it for one user and then dupplicate the age string to the rest of the accounts.
The age string is at the end of the encrypted password string after the coma ","

username:XXXXXXXXXXXXX,1234:UID:GID:....
Reply
senthil_kumar_1
Super Advisor

‎10-13-2009 10:07 AM

‎10-13-2009 10:07 AM

Re: Setting expiry dates for users (user ids) in hpux.

Hi TTr

Thanks, but i know this.

Is there any way to set the expiry dates for users not for passwords in hpux?
0 Kudos
Reply
TTr
Honored Contributor

‎10-13-2009 10:28 AM

‎10-13-2009 10:28 AM

Re: Setting expiry dates for users (user ids) in hpux.

If you are talking about user accounts, and disabling them or deleting them, no there is no such feature. You have to create it yourself using one or more scripts that you run in cron. You check the last time a user loged in and if it is more than a predetermined number of days (30 days, 60 days etc) you disable or delete the account. It is not an easy thing to do and requires some involved scripting.
Reply
senthil_kumar_1
Super Advisor

‎10-13-2009 10:55 AM

‎10-13-2009 10:55 AM

Re: Setting expiry dates for users (user ids) in hpux.

what is the command to disable the user account in hpux.
0 Kudos
Reply
TTr
Honored Contributor

‎10-13-2009 11:30 AM

‎10-13-2009 11:30 AM

Solution

Re: Setting expiry dates for users (user ids) in hpux.

There is no command, you use vipw to edit the password file and put an asterisk * in the encrypted password filed.

username:*:UID:GID:....

In addition to the asterisk you can add another meaningful word such as LOCKED etc as in

username:**LOCKED**:UID:GID:....
username:**DISABLED**:UID:GID:....

You must have at least one asterisk in the encrypted password field.

Having the hp-ux security packages and trusted systems gives you some more flexibility
Reply
Steven E. Protter
Exalted Contributor

‎10-13-2009 12:21 PM

‎10-13-2009 12:21 PM

Re: Setting expiry dates for users (user ids) in hpux.

Shalom,

For OS users in /etc/passwd

userdel
# deletes the user

Commonly -r will be used to recursively delete that users files.

passwd -l
# locks the user immediately.

A great deal of what you know about 10.20, 11.00 and 11.11 will still work in 11.31

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
mvpel
Trusted Contributor

‎10-14-2009 02:20 AM

‎10-14-2009 02:20 AM

Re: Setting expiry dates for users (user ids) in hpux.

I prefer putting date information in the lock string, such as *LK20091014* - it makes it easy for scripts, such as those for home directory archiving and removal, to parse.
Reply
Hakki Aydin Ucar
Honored Contributor

‎10-14-2009 02:56 AM

‎10-14-2009 02:56 AM

Re: Setting expiry dates for users (user ids) in hpux.

Senthil,

According to what you are looking for, everyone here suggested solutions, and I want to summarize what I would do if I were you:

First make a script does disable a specific user by password Lock OR userdel facility.

Then, I d put this script in cronjob so I can adjust whenever you want to run disable that user.
Reply
Suraj K Sankari
Honored Contributor

‎10-14-2009 02:59 AM

‎10-14-2009 02:59 AM

Re: Setting expiry dates for users (user ids) in hpux.

Hi,
>>what is the command to disable the user account in hpux

passwd -l will lock the user.

or open your /etc/passwd file in vi or vipw put a "#" hash mark infront of the user.

Suraj
Reply
Dennis Handly
Acclaimed Contributor

‎10-14-2009 04:01 AM

‎10-14-2009 04:01 AM

Re: Setting expiry dates for users (user ids) in hpux.

>vipw put a "#" hash mark in front of the user.

A # isn't a comment char in /etc/passwd. You have just added a # to the user name.
Reply
Suraj K Sankari
Honored Contributor

‎10-14-2009 07:38 PM

‎10-14-2009 07:38 PM

Re: Setting expiry dates for users (user ids) in hpux.

Hi Dennis,
>>A # isn't a comment char in /etc/passwd. You have just added a # to the user name.

If you put a hash mark at the beginig of a line that means that user not able to login see the below example

suraj:*:108:103:Suraj Sankari SA:/home/suraj:/usr/bin/ksh

if i put like this then suraj not able to login into the server

#suraj:*:108:103:Suraj Sankari SA:/home/suraj:/usr/bin/ksh

Suraj
Reply
Dennis Handly
Acclaimed Contributor

‎10-15-2009 12:35 AM

‎10-15-2009 12:35 AM

Re: Setting expiry dates for users (user ids) in hpux.

>Suraj: if I put like this then suraj not able to login into the server
#suraj:*:108:103:Suraj Sankari SA:/home/suraj:/usr/bin/ksh

(You need to remove that "*" to test. Also did you try logging on with #suraj?)

When I added a "#", I could su to it and got this:
ll xxxxxx
-rw-rw-r-- 1 #meyer 0 Oct 15 01:22 xxxxxx
$ su \#meyer
$ id
uid=26751(#meyer)
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.