Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Server wide password enforcement rules? 90 day force change.
Top Forums UNIX for Dummies Questions & Answers Server wide password enforcement rules? 90 day force change. Post 302165627 by LordJezo on Friday 8th of February 2008 10:30:04 AM
Old 02-08-2008
Server wide password enforcement rules? 90 day force change.
Using Solaris 9 and 10.

What we want to do is set up global rules for our password files to restrict all users, not only new ones set up with the rules but also the ones that have been sitting on the system for years.

Is there a global way to force all users to change their password every 90 days instead of manually going into the shadow file and adding in the settings manually?
LordJezo
 

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Force Password Change...RedHat 7.1

Hello, I just finished adding a bunch of new users to the linux servers I administer. I add users either via command line or via linuxconf, but I can't seem to find out how to force users to change their passwords on their first login to the system. Anyone know how to do that? My HP-UX... (1 Reply)
Discussion started by: vancouver_joe
1 Replies

2. UNIX for Advanced & Expert Users

Force to change to a different password

Hi, I notice in my Sun Solaris 8 sparc worstation, I am able to change my password to same existing password. That is, right now my password is abc, and I change it with "passwd" command and change it abc again. It will accept. How can I make it such that it will not accept same password?... (3 Replies)
Discussion started by: champion
3 Replies

3. Shell Programming and Scripting

To simultaneously update password change in two server at a time

I am new beginner in Unix and little experienced in BaaN ERP. Problem Statement: I have to run a BaaN session. I have to change the password for both primary and secondary server by using this session. On primary server only few people has access permission (say 10). But on secondary server... (0 Replies)
Discussion started by: s_chandrakar
0 Replies

4. Shell Programming and Scripting

system wide password change

Hello, I am new to shell scripting and I was trying to write a script that would force a system wide password change except for admins. I am having some trouble and any help that someone could give me would be greatly appreciated. I am trying to do it by using the UID as the marker for anyone... (6 Replies)
Discussion started by: kilemark
6 Replies

5. Shell Programming and Scripting

force to change password(shell script)

hi How can I force user to change of password by modifying the password expiry and the grace period so that the user has at least 1 week to login and change the password...... (3 Replies)
Discussion started by: tjay83
3 Replies

6. Shell Programming and Scripting

force to change password(by modifying /etc/shadow)

hi by modifying /etc/shadow how can I Force a change of password so that user has at least 1 week to login? I did it by using: echo "enter username to force password change" read user; chage -M 7 $user; How can I do it by modifying /etc/shadow?? (6 Replies)
Discussion started by: tjay83
6 Replies

7. Red Hat

how to force a user to change the password

RHEL 5 update 4. How to force a user to change the password at his next logon. Thanks in advance. (8 Replies)
Discussion started by: uxadmin007
8 Replies

8. AIX

Change password for many users on an AIX server

Hi I want to change password for around 100 users on an aix server. I have the list of those 100 users with me. instead of doing # passwd username for all the 100 users one by one, can you please help with a script through which we can change the password for all the 100 users in a... (2 Replies)
Discussion started by: newtoaixos
2 Replies

LEARN ABOUT SUSE

pam_unix2

pam_unix2(8)							 Reference Manual						      pam_unix2(8)

NAME

       pam_unix2 - Standard PAM module for traditional password authentication

DESCRIPTION

       The  pam_unix2  PAM  module is for traditional password authentication. It uses standard calls from the glibc NSS libraries to retrieve and
       set account information as well as authentication. Usually this is obtained from the the local files /etc/passwd and /etc/shadow or  from a
       NIS map.

       The  options  can be added in the PAM configuration files for every single service.  /etc/default/passwd defines, which password encryption
       algorithm should be used in case of a password change.

OPTIONS

       The following options may be passed to all types of management groups except session:

       debug  A lot of debug informations are printed with syslog(3).

       nullok Normally the account is disabled if no password is set or if the length of the password is  zero.  With  this  option  the  user	is
	      allowed to change the password for such accounts. This option does not overwrite a hardcoded default by the calling process.

       use_first_pass
	      The  default is, that pam_unix2 tries to get the authentication token from a previous module.  If no token is available, the user is
	      asked for the old password.  With this option, pam_unix2 aborts with an error if no authentication token from a previous	module	is
	      available.

       The following additional options may be passed to the passwd rules of this modules:

       nisdir=<path>
	      This options specifies a path to the source files for NIS maps on a NIS master server. If this option is given, the passwords of NIS
	      accounts will not be changed with yppasswd(1), instead the local passwd and shadow files below <path> will be modified. In  conjunc-
	      tion with rpasswdd(8) and pam_make rpc.yppasswdd(8) can be replaced with a more secure solution on the NIS master server.

       use_authtok
	      Set  the	new password to the one provided by the previously stacked password module. If this option is not set, pam_unix2 would ask
	      the user for the new password.

       One of the following options may be passed to the session rules of this modules:

       debug  Some messages (login time, logout time) are logged to syslog with priority LOG_DEBUG.

       trace  Some messages (login time, logout time) are logged to syslog with priority LOG_NOTICE.

       none   No messages are logged. This is the default.

       The acct management does not recognize any additional options. For root, password and login expire are ignored, only on	aging  warning	is
       printed. If no shadow information exists, it always returns success.

FILES

       /etc/default/passwd

SEE ALSO

       login(1), passwd(1), pam.conf(8), pam.d(8), pam_pwcheck(8), pam(8), rpasswd(1), rpasswdd(8), rpc.yppasswdd(8), yppasswd(1)

pam_unix2							    August 2006 						      pam_unix2(8)
All times are GMT -4. The time now is 12:44 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy