Login or Register to Ask a Question and Join Our Community


HP-UX

User account

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX User account
# 8  
Old 06-20-2013
Join the club. Smilie

I don't mind them too much when they ask intelligent and probing questions. I worry when they just ask for /etc/passwd and the shadow then nit-pick over saying that they can read the password, e.g. AIX has /etc/security/passwd with a format like:
Code:
root:
      password = Xlen7kw02f234
      lastupdate = 1894726232

Of course, they never actually try to login with the encrypted password to prove it.

I have even fed them a little nugget or two when I've been prevented from doing the right thing because someone didn't plan properly and that gets the profile raised and hopefully the issue fixed.


It's a bit of a game to keep us on our toes and them justifying their job.


Good luck.

Robin
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

User account logging

Hi - I want to log commands typed by oraapps user with time into some log file on runtime. HISTTIMEFORMAT="%d/%m/%y %T " works but any one with oraapps user can delete the history. OS : RHEl 5.6 Any help is appreciated. (5 Replies)
Discussion started by: oraclermanpt
5 Replies

2. AIX

user account priviledges

Hi Admins, As per my knowledge there are two types of user accounts in unix. root and normal users. If there are any user types for which we can give some priviledges..? Actually i want to restrict root access and create new accounts for admins with some of the priviledges. Please let me... (6 Replies)
Discussion started by: newsol
6 Replies

3. Solaris

Help me create new user account

I want create user. That user should be login to any server without asking password. How? tell me in detail. :wall: (3 Replies)
Discussion started by: Navkreddy
3 Replies

4. Shell Programming and Scripting

How to suspend a user account?

Hi, guys. I have two questions: I need to write a script, which can show all the non-suspended users on system, and suspend the selected user account. There are two things I am not sure: 1. How can I suspend user's account? What I think is: add a string to the encrypted password in shadow... (2 Replies)
Discussion started by: daikeyang
2 Replies

5. UNIX for Dummies Questions & Answers

Difference between : Locked User Account & Disabled User Accounts in Linux ?

Thanks AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies

6. HP-UX

how can distingiush user account

example root::0:3::/:/sbin/sh daemon:*:1:5::/:/sbin/sh bin:*:2:2::/usr/bin:/sbin/sh sys:*:3:3::/: adm:*:4:4::/var/adm:/sbin/sh uucp:*:5:3::/var/spool/uucppublic:/usr/lbin/uucp/uucico lp:*:9:7::/var/spool/lp:/sbin/sh nuucp:*:11:11::/var/spool/uucppublic:/usr/lbin/uucp/uucico... (1 Reply)
Discussion started by: alert0919
1 Replies

7. Post Here to Contact Site Administrators and Moderators

user account

hi how to disable the useraccount in aix (should not remove). (1 Reply)
Discussion started by: chomca
1 Replies

8. UNIX for Dummies Questions & Answers

show all user account

I have a question about show all create user account. What commend do that thank`s for your help :) (6 Replies)
Discussion started by: Deux
6 Replies

9. UNIX for Dummies Questions & Answers

creatin user account

hi all, i m tryin to create a new account on the unix work station. do i use 'useradd' command? can u guyz advice on the usage of 'useradd' command as it can comes with 'useradd -D' or 'useradd -e' thanks :confused: (1 Reply)
Discussion started by: damian
1 Replies
Login or Register to Ask a Question

LEARN ABOUT OSX

pwpolicy

pwpolicy(8)						    BSD System Manager's Manual 					       pwpolicy(8)

NAME

     pwpolicy -- gets and sets password policies

SYNOPSIS

     pwpolicy [-h]
     pwpolicy [-v] [-a authenticator] [-p password] [-u username | -c computername] [-n nodename] command command-arg
     pwpolicy [-v] [-a authenticator] [-p password] [-u username | -c computername] [-n nodename] command "policy1=value1 policy2=value2 ..."

DESCRIPTION

     pwpolicy manipulates password policies.

   Options
     -a    name of the authenticator

     -c    name of the computer account to modify

     -p    password (omit this option for a secure prompt)

     -u    name of the user account to modify

     -n    use a specific directory node; the search node is used by default.

     -v    verbose

     -h    help

   Commands
     -getglobalpolicy		  Get global policies
     -setglobalpolicy		  Set global policies
     -getpolicy 		  Get policies for a user
     --get-effective-policy	  Gets the combination of global and user policies that apply to the user.
     -setpolicy 		  Set policies for a user
     -setpolicyglobal		  Set a user account to use global policies
     -setpassword		  Set a new password for a user. Non-administrators can use this command to change their own passwords.
     -enableuser		  Enable a user account that was disabled by a password policy event.
     -disableuser		  Disable a user account.
     -getglobalhashtypes	  Returns the default list of password hashes stored on disk for this system.
     -setglobalhashtypes	  Edits the default list of password hashes stored on disk for this system.
     -gethashtypes		  Returns a list of password hashes stored on disk for a user account.
     -sethashtypes		  Edits the list of password hashes stored on disk for a user account.
     -0 through -7		  Shortcuts for the above commands (in order).

   Global Policies
     usingHistory		       0 = user can reuse the current password, 1 = user cannot reuse the current password, 2-15 = user cannot re-
				       use the last n passwords.
     usingExpirationDate	       If 1, user is required to change password on the date in expirationDateGMT
     usingHardExpirationDate	       If 1, user's account is disabled on the date in hardExpireDateGMT
     requiresAlpha		       If 1, user's password is required to have a character in [A-Z][a-z].
     requiresNumeric		       If 1, user's password is required to have a character in [0-9].
     expirationDateGMT		       Date for the password to expire, format must be: mm/dd/yy
     hardExpireDateGMT		       Date for the user's account to be disabled, format must be: mm/dd/yy
     validAfter 		       Date for the user's account to be enabled, format must be: mm/dd/yy
     maxMinutesUntilChangePassword     user is required to change the password at this interval
     maxMinutesUntilDisabled	       user's account is disabled after this interval
     maxMinutesOfNonUse 	       user's account is disabled if it is not accessed by this interval
     maxFailedLoginAttempts	       user's account is disabled if the failed login count exceeds this number
     minChars			       passwords must contain at least minChars
     maxChars			       passwords are limited to maxChars

   Additional User Policies
     isDisabled 		  If 1, user account is not allowed to authenticate, ever.
     isAdminUser		  If 1, this user can administer accounts on the password server.
     newPasswordRequired	  If 1, the user will be prompted for a new password at the next authentication. Applications that do not support
				  change password will not authenticate.
     canModifyPasswordforSelf	  If 1, the user can change the password.

   Stored Hash Types
     CRAM-MD5		   Required for IMAP.
     RECOVERABLE	   Required for APOP and WebDAV. Only available on Mac OS X Server edition.
     SALTED-SHA512-PBKDF2  The default for loginwindow.
     SALTED-SHA512	   Legacy hash for loginwindow.
     SMB-NT		   Required for compatibility with Windows NT/XP file sharing.
     SALTED-SHA1	   Legacy hash for loginwindow.
     SHA1		   Legacy hash for loginwindow.

EXAMPLES

     To get global policies:

	   pwpolicy -getglobalpolicy

     To set global policies:

	   pwpolicy -a authenticator -setglobalpolicy "minChars=4 maxFailedLoginAttempts=3"

     To get policies for a specific user account:

	   pwpolicy -u user -getpolicy
	   pwpolicy -u user -n /NetInfo/DefaultLocalNode -getpolicy

     To set policies for a specific user account:

	   pwpolicy -a authenticator -u user -setpolicy "minChars=4 maxFailedLoginAttempts=3"

     To change the password for a user:

	   pwpolicy -a authenticator -u user -setpassword newpassword

     To set the list of hash types for local accounts:

	   pwpolicy -a authenticator -setglobalhashtypes SMB-LAN-MANAGER off SMB-NT on

SEE ALSO

     PasswordService(8)

Mac OS X Server 						 13 November 2002						   Mac OS X Server