Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: root passwd expiration on AIX
Operating Systems AIX root passwd expiration on AIX Post 302330009 by shockneck on Tuesday 30th of June 2009 03:03:31 AM
Old 06-30-2009
Quote:
Originally Posted by kwliew999
[...]by running the command pwdadm -c user, the ADMCHG flags will be removed from /etc/security/passwd file. But in the first place, why it doesn't remove the flags after root id has changed the password? Why we need to run this command of pwdadm -c to remove the flag ADMCHG manually?[...]
This is less a question of whether it would be technically possible but more a question of privacy. Depending on where you where brought up this might not be so obvious but where I live users prefer root not knowing their personal passwords. So while root can get around this little hurdle by removing the ADMCHG flag it is not the default. It has to be done intentionally which makes a difference from the legal perspective.

The ADMCHG flag is set if root changes another user's password. If that user changes his/her password (at first login) the ADMCHG flag is removed and the password is valid until it expires for some defined reason.
If you don't want a password to expire after a defined time set the maxage parameter to "0" in the user's settings. However, keeping a password forever is considered a security risk in certain environments.
From a mere technical point of view you could write a script to change password and run pwdadm in one step though.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Preventing passwd root?

I knew it would happen sooner or later.... We have a requirement that specific individuals need "sudo root" authority. I knew it only a matter of time before someone decided to change the root password (at least they owned up to it). Now the question is how can I grant all rights except... (4 Replies)
Discussion started by: scottsl
4 Replies

2. UNIX for Dummies Questions & Answers

Dont have the root passwd for Solaris 8

Hello chiefs :) I have a SUN Enterprise 250, running Solaris 8.5 - I have managed to be able to connect a dumb terminal to the box via a standard straight-through rj45 cable, to my ibm laptop. OK so Putty can connect to the box via ssh - nice! But I dont have the password for root - or any... (1 Reply)
Discussion started by: congo
1 Replies

3. UNIX for Dummies Questions & Answers

Need to change root passwd

I booted up Sun V240 server with boot cdrom -s using the Sun Operating System CD. I now am at the # prompt and su - root . The system will not allow me to set password for root. Get following error: # passwd New Password: xxxxxxxx Re-enter new Password: xxxxxxxx passwd: Unexpected failure. ... (4 Replies)
Discussion started by: mayewil
4 Replies

4. Solaris

Recover root passwd

Any body pls let me know the procedure to recover ROOT password in Sun Netra 20 Server..I forgot the password. (5 Replies)
Discussion started by: gini
5 Replies

5. Solaris

How to set new Root Passwd

I forget the Root Passwd of my Sun Netra 20 server and break the same by editing /etc/shadow.Now there is no passwd for Root. And How to set new root passwd?Pls help.... (2 Replies)
Discussion started by: gini
2 Replies

6. UNIX for Dummies Questions & Answers

hw to reterive root passwd

heyy i forgot my root passwd but i cant reinstall due to some reason can anyone tell me hw to reterive root passwd (10 Replies)
Discussion started by: mightypp.nits
10 Replies

7. UNIX for Dummies Questions & Answers

How to edit the /etc/passwd file not using root?

Hi All, Today I faced a problem trying to log in as root. The output error is cannot execute sh: No such file.... I doubted there is something wrong with shell interpreter which resides in /etc/passwd file for every user who logs in. I checked and the line for root account was... (4 Replies)
Discussion started by: elthox
4 Replies

8. Red Hat

forgot root passwd

hi i have a RHEL 4 and have forgot root passwd tried to boot in by singel user and then changing the passwd but it's not letting me do that ......throwing some weird error as .......manipulation i also tried to make a new user from CLI but even though it's not letting me in from that user as... (12 Replies)
Discussion started by: techbravo
12 Replies

9. Red Hat

Root shell in /etc/passwd is corrupted

I accidentally changed root shell from /bin/bash to bash in /etc/password, then logged out from root. Now I can't login as root and got "No shell" error, although I have root password. "su -f -s /bin/bash" command does NOT work. There is no GUI interface for this system. My question: Do I have... (7 Replies)
Discussion started by: aixlover
7 Replies

10. AIX

When did AIX start using /etc/security/passwd instead of /etc/passwd to store encrypted passwords?

Does anyone know when AIX started using /etc/security/passwd instead of /etc/passwd to store encrypted passwords? (1 Reply)
Discussion started by: Anne Neville
1 Replies

LEARN ABOUT HPUX

yppasswd

yppasswd(1)						      General Commands Manual						       yppasswd(1)

NAME

       yppasswd - change login password in Network Information System (NIS)

SYNOPSIS

       [name]

   Remarks
       The  Network  Information  Service  (NIS)  was  formerly known as Yellow Pages (YP).  The functionality remains the same; only the name has
       changed.

DESCRIPTION

       changes or installs a password associated with the login name in the Network Information System (NIS).  The NIS password can  be  different
       from the one on your own machine.  If name is omitted, it defaults to the name returned by (see getlogin(3C)).

       prompts	for  the old NIS password (even if it does not exist), then twice for the new one.  The old password must be entered correctly for
       the change to take effect.  Checks occur to ensure that the new password meets the following construction requirements.

	      o  Only the first eight characters are significant.

	      o  A password can be as few as four characters long if it contains

		    o  at least one special character or

		    o  a mixture of numeric, uppercase and lowercase letters.

	      o  A password can be as few as five characters long if it contains a mixture of

		    o  uppercase and lowercase letters or

		    o  numeric and either uppercase or lowercase letters.

	      o  A password must contain at least six characters if it contains only monocase letters.

       All these rules except the first are relaxed if you try three times to enter an unacceptable new password.  You cannot,	however,  enter  a
       null password.

       Only the owner of the name or the superuser can change a password.

       The  Network  Information  System  password daemon, must be running on the master NIS password server to change NIS passwords.  See yppass-
       wdd(1M).

WARNINGS

       The password update protocol passes the old and new passwords to the master NIS server at once.	Thus, if the old NIS  password	is  incor-
       rect, no notification is given until the new NIS password is successfully entered.

       The password construction rules are different from those of the HP-UX command (see passwd(1)).

       The  root user's password cannot be changed using or Therefore, root users must change their password in the files database and then recon-
       struct the NIS maps using the command.  For more information on how to use the command, see ypmake(1M).

       User applications that call this routine must be linked with For example,

AUTHOR

       was developed by Sun Microsystems, Inc.

SEE ALSO

       id(1), passwd(1), su(1), yppasswdd(1M), getlogin(3C), yppasswd(3N), ypfiles(4).

																       yppasswd(1)
All times are GMT -4. The time now is 10:14 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy