pam_acct_mgmt(3) Library Functions Manual pam_acct_mgmt(3)
NAME
pam_acct_mgmt() - perform PAM account validation procedures
SYNOPSIS
[ flag ... ] file ... [ library ... ]
DESCRIPTION
The function is called to determine if the current user's account is valid. This includes checking for password expiration, account expi-
ration, account locks and access hour restrictions. This function is typically called after the user has been authenticated with See
pam_authenticate(3).
The pamh argument is an authentication handle obtained by a prior call to The following flags may be set in the flags field:
The account management service should not generate any messages
The account management service should return if the user has a null authentication token.
APPLICATION USAGE
Refer to pam(3) for information on thread-safety of PAM interfaces.
RETURN VALUE
Upon successful completion, is returned. In addition to the error return values described in pam(3), the following values may be returned:
User not known to underlying account management module.
Access permission is denied.
New authentication token required. This is normally returned if the machine
security policies require that the password should be changed because the password is NULL or it has aged.
User account has expired.
User account has been disabled (trusted mode only).
Terminal has been disabled (trusted mode only).
User is not authorized for terminal access (trusted mode only).
Wrong time to login (trusted mode only).
WARNINGS
HP-UX 11i Version 3 is the last release to support trusted systems functionality.
SEE ALSO
pam(3), pam_start(3), pam_sm_acct_mgmt(3), pam_authenticate(3).
pam_acct_mgmt(3)