How to check password expiry in AIX? | Unix Linux Forums | AIX

  Go Back    


AIX AIX is IBM's industry-leading UNIX operating system that meets the demands of applications that businesses rely upon in today's marketplace.

How to check password expiry in AIX?

AIX


Tags
aix, unix

Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 10-30-2008
SanjayPasum SanjayPasum is offline
Registered User
 
Join Date: Sep 2008
Last Activity: 31 October 2008, 2:10 AM EDT
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
How to check password expiry in AIX?

Hi All,

Could anyone please help me with the command or script for checking the password expiry for a particular userid on AIX.

Regards,
Sanjay...
Sponsored Links
    #2  
Old 10-30-2008
shockneck's Avatar
shockneck shockneck is offline Forum Advisor  
No RISC - No Fun
 
Join Date: Mar 2008
Last Activity: 24 January 2011, 4:56 AM EST
Posts: 465
Thanks: 1
Thanked 13 Times in 12 Posts
You need to be root to do this but there is no single command available. From the /etc/security/passwd you get the information when the password for a particular user was set ("lastupdate"). You'd then check the user's attributes to find the intervall for a forced password change. With those two values and the current date you can calculate when the current password will be expired. Thus a script would probably be written around the following commands:


Code:
[server:root] /etc/security > grep -p shockneck passwd
shockneck:
        password = GaKaqDbvE3Q.s
        lastupdate = 1223451491
        flags =

[server:root] /etc/security > perl -le 'print scalar localtime 1223451491'
Wed Oct  8 09:38:11 2008
[server:root] /etc/security >  lsuser -a maxage shockneck
shockneck maxage=13
[server:root] /etc/security >  date
Thu Oct 30 15:26:32 MEZ 2008
[server:root] /etc/security >

Search the script forum to find how to convert a date into seconds from epoch for easy comparison. You might even find several complete scripts there for accomplishing your aim.
Sponsored Links
    #3  
Old 10-30-2008
acascianelli's Avatar
acascianelli acascianelli is offline
Registered User
 
Join Date: Mar 2008
Last Activity: 27 March 2014, 7:48 AM EDT
Location: Macomb, MI
Posts: 48
Thanks: 0
Thanked 0 Times in 0 Posts
lsuser -f [username] | grep expires
    #4  
Old 10-30-2008
bakunin bakunin is offline Forum Staff  
Bughunter Extraordinaire
 
Join Date: May 2005
Last Activity: 28 November 2014, 4:48 AM EST
Location: In the leftmost byte of /dev/kmem
Posts: 4,338
Thanks: 45
Thanked 839 Times in 662 Posts
Quote:
Originally Posted by acascianelli View Post
lsuser -f [username] | grep expires
This tells you when the user account expires, not when the password expires.

bakunin
Sponsored Links
    #5  
Old 10-31-2008
SanjayPasum SanjayPasum is offline
Registered User
 
Join Date: Sep 2008
Last Activity: 31 October 2008, 2:10 AM EDT
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Thanks for replying.

I don't have access to use root. Is there anyway to check the password expiry using the normal user.

In my environments passwords will expire for every 25 days of span. so we are unable to trace it out when the passwords will expire.

I want to use a 'chage'(In Linux) type of command in AIX.

Regards,
Sanjay
Sponsored Links
    #6  
Old 01-04-2009
aixylinux aixylinux is offline
Registered User
 
Join Date: Nov 2008
Last Activity: 4 October 2009, 7:39 PM EDT
Posts: 36
Thanks: 0
Thanked 0 Times in 0 Posts
Use passwdexpired system call

If you can write a C program, you can call the passwdexpired() system call to get this information. See:

Help -

Here's a code fragment that does the trick. Unfortunately, due to employer restrictions, I can't share the whole code with you. I hacked this out of an existing module, so it is illustrative only.

/* typical includes needed by C programs */
#include <string.h>
#include <ctype.h>
#include <sys/types.h>
#include <time.h>
#include <stdio.h>
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
#include <time.h>

/* this is the include needed for passwdexpired */
#include <usersec.h>

void main( int argc, char* argv[]) {
char* userid=argv[1];

char p[100] = "";
int rc;

rc = putenv( "LANG=C" ); /* force LANG=C */

/* get password date expiration string */
rc = passwdexpired( userid, &p );
if ( rc == 1 || rc == 2 )
{
printf( "%s\nReset the password \n", p);
exit( 2 );
}

/* some other error */
if ( rc != 0 )
{
if ( errno == ENOENT || errno == ESRCH )
{
fprintf( stderr, "User %s is not defined\n", userid );
}
else
{
fprintf( stderr, "passwdexpired() rc=%d, %s\n", rc, strerror(errno) );
}
exit( 1 );
}

printf( "passwdexpired returned message:\n'%s'\n", p );

}

The binary file must be setuid root, else root must run the program.
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Password expiry date check for hp servers dswain Shell Programming and Scripting 3 06-01-2010 06:15 AM
disable password expiry hrist Solaris 3 02-12-2010 05:27 PM
SSH Password-less login fails on password expiry. Renjesh Solaris 2 04-24-2009 01:53 AM
Notification of password expiry. sparcman Solaris 2 04-20-2009 06:37 AM
password expiry big123456 UNIX for Advanced & Expert Users 2 01-14-2006 12:12 PM



All times are GMT -4. The time now is 12:48 PM.