02-06-2009
I don't think these terms have official meanings in UNIX. One can disable an account in several ways: (1) replace the password field with "x", (2) set to 0 the day in /etc/shadow that indicates the password has expired, (3) replace the user's shell with /bin/false or a custom program which does not allow the user to do anything useful and is not in /etc/shells (4) remove the passwd (or shadow or both) entry for that user.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I've had Linux when I was young, on one of our first computers and learned it pretty quickly... However, I've been working on Windows for about 7 years now and just made the switch back to Linux, Mandrake 9.1. So I have some problem with creating new user accounts. I could create one, but once I... (3 Replies)
Discussion started by: Arendo
3 Replies
2. Linux
Hi all,
I've been using linux/unix now only for a couple of months and was doing ok until about 30 minutes ago...
I needed to reboot into my windows 2000 partition, so, in a terminal I typed:
shutdown -r now
which duly rebooted the PC for me. On getting to the OS selection screen I... (5 Replies)
Discussion started by: alarmcall
5 Replies
3. Solaris
Hi all,
i have to need one script:
1. it will capture the unused user accounts in /export/home directory.
2. it will capture the locked user accounts in /export/home directory.
Note: locked accounts will show in /etc/passwd like /bin/false --> (instead of ksh it will show false)
the... (1 Reply)
Discussion started by: krishna176
1 Replies
4. UNIX for Dummies Questions & Answers
hello ppl, someone must be able to help with this --> I have an old NCR tower 32 with an ADDS terminal running a unix version 020102 (Im not sure if thats correct but its unix for sure). I have no user names and no passwords and need to login to read a tape. Is there any way to do that? I hear... (3 Replies)
Discussion started by: orestis
3 Replies
5. Solaris
Hi all
In my system we have implemented user lockout feature after 3 failure attempt if he tries to login directly or if he run the any command through sudo and enter wrong password thrice. Now I have requirement in which particular user account shouldn't be locked when he run the command... (1 Reply)
Discussion started by: sb200
1 Replies
6. Shell Programming and Scripting
Hi, I'm new to the world of UNIX and have been asked to create a complex script (at least complex to me:confused:) for AIX UNIX to create a report of all the users on the server including server, user, UID, groups, GID, etc.
Found a script using lsuser, but the output is still lacking. 2 things I... (2 Replies)
Discussion started by: panthur
2 Replies
7. Shell Programming and Scripting
Hello Experts,
Need some direction on creating shell script for following environment:
We have about 20 people in the team working as Oracle DBA's (sysdba's and appdba's). Total Servers which is a mix of Unix and Linux are 200. We do not have Root user access on any of the servers and... (3 Replies)
Discussion started by: sha2402
3 Replies
8. Shell Programming and Scripting
// AIX 6.1
In need of finding which AIX user accounts will be expired and are
locked.
I have placed the following parameters under /etc/security/user... (1 Reply)
Discussion started by: Daniel Gate
1 Replies
9. Solaris
I am facing strange problem where after three failed login attempt user password must be locked. Actually what is happening, when I take the putty session of the server & enter user name on the prompt at the login prompt & then press enter to enter the password at this time when I checked the... (10 Replies)
Discussion started by: sb200
10 Replies
10. UNIX for Advanced & Expert Users
Hello,
i configured rhel linux 6 with AD directory to authorize windows users to connect on the system and it works.
i have accounts with high privileges (oracle for example) if an account is created on the AD server i would to block him.
I looked for how to do, for the moment all the... (3 Replies)
Discussion started by: vincenzo
3 Replies
LEARN ABOUT REDHAT
shadow
SHADOW(5) File Formats Manual SHADOW(5)
NAME
shadow - encrypted password file
DESCRIPTION
shadow contains the encrypted password information for user's accounts and optional the password aging information. Included is
Login name
Encrypted password
Days since Jan 1, 1970 that password was last changed
Days before password may be changed
Days after which password must be changed
Days before password is to expire that user is warned
Days after password expires that account is disabled
Days since Jan 1, 1970 that account is disabled
A reserved field
The password field must be filled. The encryped password consists of 13 to 24 characters from the 64 character alphabet a thru z, A thru
Z, 0 thru 9, . and /. Refer to crypt(3) for details on how this string is interpreted.
The date of the last password change is given as the number of days since Jan 1, 1970. The password may not be changed again until the
proper number of days have passed, and must be changed after the maximum number of days. If the minimum number of days required is greater
than the maximum number of day allowed, this password may not be changed by the user.
An account is considered to be inactive and is disabled if the password is not changed within the specified number of days after the pass-
word expires. An account will also be disabled on the specified day regardless of other password expiration information.
This information supercedes any password or password age information present in /etc/passwd.
This file must not be readable by regular users if password security is to be maintained.
FILES
/etc/passwd - user account information
/etc/shadow - encrypted user passwords
SEE ALSO
chage(1), login(1), passwd(1), su(1), passwd(5), pwconv(8), pwunconv(8), sulogin(8)
AUTHOR
Julianne Frances Haugh (jockgrrl@ix.netcom.com)
SHADOW(5)