07-18-2007
Resetting user's passwords
Hi all,
I'm developing a script to handle the various actions involved with user admin as root:
Reset password
create a new users
change a users email address, etc
We're in the process of changing over from "telnet" to "SSH" to establish terminal sessions on our Solaris 9/10 servers.
The catch 22 situation I'm finding myself in is this:
Currently (telnet sessions) we reset passwords for users with "passwd -df user-id" command, and that forces the user to enter a new password at the next sign-on.
With SSH on the terminal emulator we're using, the user is prompted for a password BEFORE the session is established to the server. That means that the SSH session authenticates against the old password to the server, and only once a session has been established successfully, is the user prompted for his new password.
Part of the script being developed is to have a crude password generator that generates a password, reset the user-id with that password with a 1 day expiry period, and then forward the password to the user by email. This enables the user to enter a password for SSH to authenticate a session prior to prompting for password change.
Now my gazillion $ question: How do I do this without having to enter a password for the user? (Like "passwd user-id" and then enter a temporary password for that user-id.)
The problem is that by the time a call is logged to us, the user has NO idea of what his password was.
Thanks
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
hi, to do a su - user, we need to know what are the users...
so in unix
1) which file to see the list of users, passwords? (2 Replies)
Discussion started by: yls177
2 Replies
2. UNIX for Dummies Questions & Answers
hello ppl, someone must be able to help with this --> I have an old NCR tower 32 with an ADDS terminal running a unix version 020102 (Im not sure if thats correct but its unix for sure). I have no user names and no passwords and need to login to read a tape. Is there any way to do that? I hear... (3 Replies)
Discussion started by: orestis
3 Replies
3. Shell Programming and Scripting
I am trying to write a script to change passwords for the same user on multiple servers.
My environment runs purely ssh / scp not rsh / rcp and therefore coping using rcp is not an option.
I have been playing with expect to perform tasks but think there must be a better way.
Has anyone got... (7 Replies)
Discussion started by: stolz
7 Replies
4. Solaris
Hi,
Apologies for my first post being a question. Long time reader, first time registered.
I'm trying to create a new user in Solaris who can reset passwords of other users. It will be held by IT, and I'm not too bothered about it having similar priveledges to root as i'm just using it so i... (3 Replies)
Discussion started by: MrGrim
3 Replies
5. UNIX for Dummies Questions & Answers
Hi,
I want to change the password of unix users on a number of servers.My plan was to ssh to all the servers in a shell script and use the passwd command. I tried to do so but everytime i run it i get this error.
ssh -x -n -l user1 host passwd
Changing password for "user1"
3004-709 Error... (3 Replies)
Discussion started by: poojabhat
3 Replies
6. UNIX for Advanced & Expert Users
I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I'm new to this site, so my apologies if this is posted to the wrong board.
I'm the student administrator of a small computer science lab (20 Win 7 PCs) at a university. The logins to the PCs are handled by samba (v. 3.5.8) on a CentOS server (kernel v. 2.6.9-100.ELsmp). Recently I ... (1 Reply)
Discussion started by: kerona
1 Replies
8. Shell Programming and Scripting
Hello Experts,
Need some direction on creating shell script for following environment:
We have about 20 people in the team working as Oracle DBA's (sysdba's and appdba's). Total Servers which is a mix of Unix and Linux are 200. We do not have Root user access on any of the servers and... (3 Replies)
Discussion started by: sha2402
3 Replies
LEARN ABOUT DEBIAN
rt-email-group-admin-4
rt-email-group-admin(8) Request Tracker Reference rt-email-group-admin(8)
NAME
rt-email-group-admin - Command line tool for administrating NotifyGroup actions
SYNOPSIS
rt-email-group-admin --list
rt-email-group-admin --create 'Notify foo team' --group Foo
rt-email-group-admin --create 'Notify foo team as comment' --comment --group Foo
rt-email-group-admin --create 'Notify group Foo and Bar' --group Foo --group Bar
rt-email-group-admin --create 'Notify user foo@bar.com' --user foo@bar.com
rt-email-group-admin --create 'Notify VIPs' --user vip1@bar.com
rt-email-group-admin --add 'Notify VIPs' --user vip2@bar.com --group vip1 --user vip3@foo.com
rt-email-group-admin --rename 'Notify VIPs' --newname 'Inform VIPs'
rt-email-group-admin --switch 'Notify VIPs'
rt-email-group-admin --delete 'Notify user foo@bar.com'
DESCRIPTION
This script list, create, modify or delete scrip actions in the RT DB. Once you've created an action you can use it in a scrip.
For example you can create the following action using this script:
rt-email-group-admin --create 'Notify developers' --group 'Development Team'
Then you can add the followoing scrip to your Bugs queue:
Condition: On Create
Action: Notify developers
Template: Transaction
Stage: TransactionCreate
Your development team will be notified on every new ticket in the queue.
USAGE
rt-email-group-admin --COMMAND ARGS
COMMANDS
list
Lists actions and its descriptions.
create NAME [--comment] [--group GNAME] [--user UNAME]
Creates new action with NAME and adds users and/or groups to its recipient list. Would be notify as comment if --comment specified.
add NAME [--group GNAME] [--user UNAME]
Adds groups and/or users to recipients of the action NAME.
delete NAME
Deletes action NAME if scrips doesn't use it.
switch NAME
Switch action NAME from notify as correspondence to comment and back.
rename NAME --newname NEWNAME
Renames action NAME to NEWNAME.
NOTES
If command has option --group or --user then you can use it more then once, if other is not specified.
AUTHOR
Ruslan U. Zakirov <ruz@bestpractical.com>
SEE ALSO
RT::Action::NotifyGroup, RT::Action::NotifyGroupAsComment
perl v5.14.2 2013-05-22 rt-email-group-admin(8)