- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Will passwords all expire when 11i system convert...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2005 03:31 AM
11-21-2005 03:31 AM
Thanks,
Nick
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2005 03:39 AM
11-21-2005 03:39 AM
Re: Will passwords all expire when 11i system converted
NOTE: You may have problems with passwords over eight characters after conversion.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2005 03:42 AM
11-21-2005 03:42 AM
Re: Will passwords all expire when 11i system converted
Trusted system - do not expire passwds
/etc/tsconvert;/usr/lbin/modprpw -V
From the man pages for modprpw (man modprpw)
-V This option is specified WITHOUT a user name to "validate/refresh" all user's passwords. It goes through the protected password database and sets the successful change time to the current time for all users. The result is that all user's password aging restarts at the current time.
-v This option is specified with a user name to "validate/refresh" the specified user's password. It sets the successful change time to the current time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2005 03:48 AM
11-21-2005 03:48 AM
Re: Will passwords all expire when 11i system converted
I never saw any passwords expire when I converted systems to trusted.
A lot of user id's that were not updated in a while or used expired, but that is supposed to happen.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2005 06:34 AM
11-21-2005 06:34 AM
Re: Will passwords all expire when 11i system converted
Just keep the "modprpw -V" command mentioned above in your back pocket, so you can "refresh" all passwords if needed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2005 06:46 AM
11-21-2005 06:46 AM
Re: Will passwords all expire when 11i system converted
One more clarification required and please pardon me if it is reptitious as I seem to be coming down with a massive head cold.
When I convert it to a trusted system, there will be an option at the end of the conversion process where Rick mentions that I can run the
/etc/tsconvert;/usr/lbin/modprpw -V
which goes thru the passwords and resets their password expiry date using today.
Otherwise, it will simply continue to use the settings that existed in /etc/passwd to force the user to change their passwords every 60 days (the way I have it set).
Did I miss it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2005 05:30 AM
11-24-2005 05:30 AM
Re: Will passwords all expire when 11i system converted
I wanted to thank you for your help.
If you reply to this message, I will assign closing points.
Cheers and happy holidays
Nickd
(I am a canuck so no holiday for us;-) )
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2005 05:47 AM
11-24-2005 05:47 AM
Re: Will passwords all expire when 11i system converted
Nick it is always better u convert the system in to trusted Mode, but few points I want you to give attention!!!
1.Maximum try to use SAM to manage the trusted system policies, as u are new to trusted systems
2.In General User Account Policies... of the trusted system, there is an option to enable "Require Login Upon Boot to Single-User State", ensure that you don't keep this tab "checked". Why this is because, incase if u loose the root password, You can very well boot the system in single user mode and change the password.
3. I would prefer, don't include root user in any of the security policies, disable the auditing for root user. Then block the direct root login and use su - or sudo su - for the root access.
4. It would have been better, if u had taken backup of /etc/passwd and /etc/group files. Hope u have done that.
Have a Nice time with the Most Secured System.
Regards,
Sunil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2005 05:55 AM
11-24-2005 05:55 AM
Re: Will passwords all expire when 11i system converted
The only problem is that I did not backup the passwd and group files, but too late now.
Everything appears to be working just fine with our processes even the automated one.
Thanks
Nickd
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-24-2005 12:02 PM
11-24-2005 12:02 PM
SolutionBill Hassell, sysadmin