Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: global password settings
Operating Systems AIX global password settings Post 302140836 by bakunin on Tuesday 16th of October 2007 10:04:13 AM
Old 10-16-2007
Quote:
Originally Posted by zuessh
Any suggestions on the best way to accomplish this?
I'm not quite sure, what you want to do, but i suppose, you want to enforce certain rules for passwords. This is done individually by using the "chuser" command, where some restrictions can be forced onto individual users:

chuser <...some clauses> username

clauses could be:

minlen=<int> => minimum length of password in characters
minalpha=<int> => minimum number of alphanumeric characters in pw
minother=<int> => minimum number of other (non-alpha) chars in pw
maxrepeats=<int> => maximum number of consecutive identical chars
mindiff=<int> => minimum of different characters

and so on... There are also possible restrictions on how many passwords mut be used before a pw could be reused, a maximum age for passwords and the like. Issue "man chuser" for a detailed explanation of which clauses there are and what they do.

All these password-related clauses modify a file named /etc/security/user, where these changes are stored. You can edit this file with any ASCII-editor (its a stanza file) and change the "default"-stanza to modify the systemwide restrictions instead of modifying it for each user separately. Individual user settings override these settings.

Example:

chuser minlen=8 minother=1 john

will change the properties of the user john so that john will have to use passwords at least 8 characters long and with at least 1 non-alpha character in it. "abcd!efg" would be such a password, "abcde123" would not.

bakunin
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Password Settings

Is there an easy way to spit out a screen with all the password setting parameters set out? For example: MINWEEKS=1 MAXWEEKS=8 etc. I'm looking for a way to have all the settings consolidated on a report for inclusion in policy documents. (4 Replies)
Discussion started by: Hoju
4 Replies

2. UNIX Desktop Questions & Answers

list the password settings for all the users

Hi!! How can I list the password settings for all the users?? Best regards (3 Replies)
Discussion started by: irasela
3 Replies

3. UNIX for Advanced & Expert Users

Password settings

Good afternoon/afternoon/evening, I have a solaris 8 machine that if I lock the machine and return I can just press enter and it will log back in, this happens with all users on just this machine. Is there a config file or command to put the password in place? regards will (4 Replies)
Discussion started by: Mr Pink
4 Replies

4. UNIX for Dummies Questions & Answers

I.T. auditor needs help with UNIX password settings

Hi, I'm an I.T. auditor and have to validate the password rules/settings (complexity rules, minimum password length, special characters, etc.)within UNIX for a client. In MS AD, i simply ask for a screen shot of the password settings. How can i do this in UNIX? help much appreciated. Also, how can... (1 Reply)
Discussion started by: gosmartyjones
1 Replies

5. Solaris

How can we copy a directory from Global to Non-global zone?

Hi All, How can we copy a directory from global zone to non-global zone using SCP command? (8 Replies)
Discussion started by: vijaysachin
8 Replies

6. Solaris

Is there two different kernel`s running in global and non global zone?

Hi All, I want to know for non global zone there will be different kernal running? (1 Reply)
Discussion started by: vijaysachin
1 Replies

7. Solaris

How to access ENV variables of non global zones in global zone???

Hi Guys, My requirement is I have file called /opt/orahome/.profile in non global zone. PATH=/usr/bin:/usr/ucb:/etc:/usr/sbin:/usr/local/bin:/usr/openwin/bin:. export PATH PS1="\${ORACLE_SID}:`hostname`:\$PWD$ " export PS1 EDITOR=vi export EDITOR ENV=/opt/orahome/.kshrc export ENV... (1 Reply)
Discussion started by: vijaysachin
1 Replies

8. AIX

default settings of security password in AIX

Hi Guy's Just I want to know the default settings of security password in AIX there is some changes happened in my machine when I try to change my password I'm getting this message Changing password for "root" root's New password: a minimum of 1 elapsed week between changes.... (1 Reply)
Discussion started by: Mr.AIX
1 Replies

9. Solaris

Global and non-global zone resource sharing - tricky

hi all, Just a simple question but i cant get the answers in the book - In my globalzone , assuming i have 4 cpus (psrinfo -pv = 0-3), if i set dedicated-cpu (ncpus=2) for my local zone Is my globalzone left with 2 cpus or still 4 cpus ? Does localzone "resource reservation.e.g. cpu in... (6 Replies)
Discussion started by: javanoob
6 Replies

10. Solaris

Date and time change in global and non global zone

Hi, If I change date and time in global zone, then it will affect in non global zones. During this process what files will get affect in non global zones and which mechanism it's using to change. gloabl zone:Solaris 11.3 X86 TIA (1 Reply)
Discussion started by: Sumanthsv
1 Replies

LEARN ABOUT DEBIAN

expect_mkpasswd

MKPASSWD(1)						      General Commands Manual						       MKPASSWD(1)

NAME

       mkpasswd - generate new password, optionally apply it to a user

SYNOPSIS

       mkpasswd [ args ] [ user ]

INTRODUCTION

       mkpasswd generates passwords and can apply them automatically to users.	mkpasswd is based on the code from Chapter 23 of the O'Reilly book
       "Exploring Expect".

USAGE

       With no arguments, mkpasswd returns a new password.

	    mkpasswd

       With a user name, mkpasswd assigns a new password to the user.

	    mkpasswd don

       The passwords are randomly generated according to the flags below.

FLAGS

       The -l flag defines the length of the password.	The default is 9.  The following example creates a 20 character password.

	    mkpasswd -l 20

       The -d flag defines the minimum number of digits that must be in the password.  The default is 2.  The following example creates a password
       with at least 3 digits.

	    mkpasswd -d 3

       The -c flag defines the minimum number of lowercase alphabetic characters that must be in the password.	The default is 2.

       The -C flag defines the minimum number of uppercase alphabetic characters that must be in the password.	The default is 2.

       The -s flag defines the minimum number of special characters that must be in the password.  The default is 1.

       The -p flag names a program to set the password.  By default, /etc/yppasswd is used if present, otherwise /bin/passwd is used.

       The  -2 flag causes characters to be chosen so that they alternate between right and left hands (qwerty-style), making it harder for anyone
       watching passwords being entered.  This can also make it easier for a password-guessing program.

       The -v flag causes the password-setting interaction to be visible.  By default, it is suppressed.

EXAMPLE

       The following example creates a 15-character password that contains at least 3 digits and 5 uppercase characters.

	    mkpasswd -l 15 -d 3 -C 5

SEE ALSO

       "Exploring Expect: A Tcl-Based Toolkit for Automating Interactive Programs" by Don Libes, O'Reilly and Associates, January 1995.

AUTHOR

       Don Libes, National Institute of Standards and Technology

       mkpasswd is in the public domain.  NIST and I would appreciate credit if this program or parts of it are used.

								  22 August 1994						       MKPASSWD(1)
All times are GMT -4. The time now is 02:49 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy