Sponsored Content
Operating Systems AIX Change password to blank password Post 302772457 by MichaelFelt on Monday 25th of February 2013 05:19:56 PM
Old 02-25-2013
If the login is failing because you need a passwordless login by a script, and the script is failing - it is probably because the ADMCHG flag is still set.

Note: passwordless is not recommended. Use the following at your own (companies) risk!

Code:
michael@x054:[/]pwdadm test0001
Changing password for "test0001"
test0001's New password: 

3004-602 The required password characteristics are:
        a maximum of 8 repeated characters.
        a minimum of 4 characters not found in old password.
        a minimum of 2 alphabetic characters.
        a minimum of 2 non-alphabetic characters.
        a minimum of 8 characters in length.


3004-603 Your password must have:
        a minimum of 4 characters not found in old password.
        a minimum of 2 non-alphabetic characters.
        a minimum of 8 characters in length.
test0001's New password: 
Enter the new password again:
michael@x054:[/]pwdadm -q test0001
test0001: 
        lastupdate = 1361830098
        flags = ADMCHG


michael@x054:[/]grep -p test0001 /etc/security/passwd 
test0001:
        password = {ssha512}06$ssCPpi0nCu7juMBJ$JyZKPfkmLl0Y.7bgLbVQIw1V.flPaptjEiUXWVpbBPC6Khj9kcprkae4Xd9FYqItjaEPY7kA7lULiVeHS4zl..
        lastupdate = 1361830098
        flags = ADMCHG

michael@x054:[/]
michael@x054:[/]pwdadm -f NOCHECK test0001
michael@x054:[/]pwdadm -q test0001
test0001: 
        lastupdate = 1361830098
        flags = NOCHECK

michael@x054:[/]grep -p test0001 /etc/security/passwd
test0001:
        password = {ssha512}06$ssCPpi0nCu7juMBJ$JyZKPfkmLl0Y.7bgLbVQIw1V.flPaptjEiUXWVpbBPC6Khj9kcprkae4Xd9FYqItjaEPY7kA7lULiVeHS4zl..
        lastupdate = 1361830098
        flags = NOCHECK

michael@x054:[/]pwdadm test0001
Changing password for "test0001"
test0001's New password: 
Setting "test0001's" password to NULL.
michael@x054:[/]grep -p test0001 /etc/security/passwd
test0001:
        password =                                                                                                                    
        lastupdate = 1361830487
        flags = NOCHECK,ADMCHG

michael@x054:[/]pwdadm -f NOCHECK test0001           
michael@x054:[/]grep -p test0001 /etc/security/passwd
test0001:
        password =                                                                                                                    
        lastupdate = 1361830487
        flags = NOCHECK       
michael@x054:[/]

In short, you need pwdadm -f NOCHECK username to disable password checks to be sure you can enter a NULL password, and you will need to enter it again so that the ADMCHG (admin change) flag is cleared after you set the NULL password.

Note: You need to be root to perform the grep -p username /etc/security/passwd command
This User Gave Thanks to MichaelFelt For This Post:
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Change password by pushing encrypted password to systems

I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong. The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Discussion started by: benq70
1 Replies

2. AIX

change password in one go

Hi all, I need to change the password of any user in one go. For example in Linux we have two options :- (echo "username:password") | chpasswd or echo $PASS | passwd $USER --stdin This changes the password without prompting. Actually, I need to make a script which adds a user and... (1 Reply)
Discussion started by: vikas027
1 Replies

3. Shell Programming and Scripting

change password in one go

Hi all, I need to change the password of any user in one go. For example in Linux we have two options :- (echo "username:password") | chpasswd or echo $PASS | passwd $USER --stdin This changes the password without prompting. Actually, I need to make a script which adds a user and... (5 Replies)
Discussion started by: vikas027
5 Replies

4. Linux

max password is blank

Hi All, I have this userid: # cat /etc/shadow | grep mysql mysql:$1$O12345678901234/.:123456:0::14::: Max password expiration is blank. What does it mean? If it's like this below mysql:$1$O12345678901234/.:123456:0:99999:14::: then there's no expiration. Thanks in advance for... (1 Reply)
Discussion started by: itik
1 Replies

5. Shell Programming and Scripting

how to change root password using shell script with standard password

Hi Friends. I am new to scripting now i want to change the root password using the script with standard password. which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies

6. Solaris

Solaris 8 - Asks for current root password when trying to change root password.

Hello All, I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies

7. Solaris

Blank Password (Solaris 10)

Hello, I have a doubt about the accounts. With a "grep" to file "shadow" get the accounts have no password: The output is: However, if I do a "su <bin, sys, etc>" request password. What is the true state of accounts? The file "shadow" are as follows: I... (4 Replies)
Discussion started by: musul
4 Replies

8. UNIX for Dummies Questions & Answers

Help with Password Change

When I am trying to change the password of my account. I could see the following error: passwd: Changing password for ramu Enter existing login password: passwd: Sorry: less than 14 days since the last change. Permission denied Is anybody out there who can help me in changing my password? (4 Replies)
Discussion started by: bobby1015
4 Replies

9. Red Hat

Change of password

Hi, I need the user to change the password giving the old password and the giving the new password... Is this can be done via the chage command. (1 Reply)
Discussion started by: gsiva
1 Replies

10. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies
SHADOW(5)							File Formats Manual							 SHADOW(5)

NAME
shadow - encrypted password file DESCRIPTION
shadow contains the encrypted password information for user's accounts and optional the password aging information. Included is Login name Encrypted password Days since Jan 1, 1970 that password was last changed Days before password may be changed Days after which password must be changed Days before password is to expire that user is warned Days after password expires that account is disabled Days since Jan 1, 1970 that account is disabled A reserved field The password field must be filled. The encryped password consists of 13 to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 thru 9, . and /. Refer to crypt(3) for details on how this string is interpreted. The date of the last password change is given as the number of days since Jan 1, 1970. The password may not be changed again until the proper number of days have passed, and must be changed after the maximum number of days. If the minimum number of days required is greater than the maximum number of day allowed, this password may not be changed by the user. An account is considered to be inactive and is disabled if the password is not changed within the specified number of days after the pass- word expires. An account will also be disabled on the specified day regardless of other password expiration information. This information supercedes any password or password age information present in /etc/passwd. This file must not be readable by regular users if password security is to be maintained. FILES
/etc/passwd - user account information /etc/shadow - encrypted user passwords SEE ALSO
chage(1), login(1), passwd(1), su(1), passwd(5), pwconv(8), pwunconv(8), sulogin(8) AUTHOR
Julianne Frances Haugh (jockgrrl@ix.netcom.com) SHADOW(5)
All times are GMT -4. The time now is 06:38 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy