09-28-2009
Chage -d should work. Can you log in as that user on the console?
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hello,
I just finished adding a bunch of new users to the linux servers I administer. I add users either via command line or via linuxconf, but I can't seem to find out how to force users to change their passwords on their first login to the system.
Anyone know how to do that? My HP-UX... (1 Reply)
Discussion started by: vancouver_joe
1 Replies
2. UNIX for Advanced & Expert Users
Hi,
I notice in my Sun Solaris 8 sparc worstation, I am able to change my password to same existing password.
That is, right now my password is abc, and I change it with "passwd" command and change it abc again. It will accept.
How can I make it such that it will not accept same password?... (3 Replies)
Discussion started by: champion
3 Replies
3. UNIX for Dummies Questions & Answers
All,
I am unable to change a password for the user called : poller
I am logged in as root When I do the following command
passwd poller
New Password:
Permission denied
Whe i enter the new password, it gives the above error.
When i log in as poller and then execute the command, then... (2 Replies)
Discussion started by: rahulrathod
2 Replies
4. UNIX for Dummies Questions & Answers
Using Solaris 9 and 10.
What we want to do is set up global rules for our password files to restrict all users, not only new ones set up with the rules but also the ones that have been sitting on the system for years.
Is there a global way to force all users to change their password every 90... (1 Reply)
Discussion started by: LordJezo
1 Replies
5. Shell Programming and Scripting
hi
How can I force user to change of password by modifying the password expiry and the grace period so that the
user has at least 1 week to login and change the password...... (3 Replies)
Discussion started by: tjay83
3 Replies
6. Shell Programming and Scripting
hi
by modifying /etc/shadow
how can I Force a change of password so that user has at least 1 week to login?
I did it by using:
echo "enter username to force password change"
read user;
chage -M 7 $user;
How can I do it by modifying /etc/shadow?? (6 Replies)
Discussion started by: tjay83
6 Replies
7. Solaris
Hello All,
How to force user to change his login passwd on his first login in solaris 10 ?
while adding user do we need to set the password in theis case?? (7 Replies)
Discussion started by: saurabh84g
7 Replies
8. Red Hat
Hi expert,
after creating users on Redhat, i wantn to change their password with something that easy to remember and the way we use. For example
#passwd username
hello$123
it don't allow me. It may has something to do /etc/pam.d/filesXXXX there which i don't know to change to allow root... (1 Reply)
Discussion started by: lamoul
1 Replies
9. Shell Programming and Scripting
Hi Gurus,
I am lpad user in some of my server. I need to change password at certain period time. I am wondering what is the command to change the passwd.
last time I asked my unix admin, they gave me a comand I chagned it. (I forgot to keep it in safe place, I lost it). this time when... (2 Replies)
Discussion started by: ken6503
2 Replies
10. Linux
hi
I am not able to change user password from root user.
although it is saying updated successfully.
but still I am not able to login direct to abc user.
however I can login from root user by using su - abc
# passwd abc
Changing password for user abc.
New password:
BAD PASSWORD: it... (2 Replies)
Discussion started by: scriptor
2 Replies
LEARN ABOUT CENTOS
pam_console
pam_console(8) System Administrator's Manual pam_console(8)
NAME
pam_console - determine user owning the system console
SYNOPSIS
session optional pam_console.so
auth required pam_console.so
DESCRIPTION
pam_console.so is designed to give users at the physical console (virtual terminals and local xdm-managed X sessions by default, but that
is configurable) capabilities that they would not otherwise have, and to take those capabilities away when the are no longer logged in at
the console. It provides two main kinds of capabilities: file permissions and authentication.
When a user logs in at the console and no other user is currently logged in at the console, pam_console.so will run handler programs speci-
fied in the file /etc/security/console.handlers such as pam_console_apply which changes permissions and ownership of files as described in
the file /etc/security/console.perms. That user may then log in on other terminals that are considered part of the console, and as long as
the user is still logged in at any one of those terminals, that user will own those devices. When the user logs out of the last terminal,
the console may be taken by the next user to log in. Other users who have logged in at the console during the time that the first user was
logged in will not be given ownership of the devices unless they log in on one of the terminals; having done so on any one terminal, the
next user will own those devices until he or she has logged out of every terminal that is part of the physical console. Then the race can
start for the next user. In practice, this is not a problem; the physical console is not generally in use by many people at the same time,
and pam_console.so just tries to do the right thing in weird cases.
When an application attempts to authenticate the user and this user is already logged in at the console, pam_console.so checks whether
there is a file in /etc/security/console.apps/ directory with the same name as the application servicename, and if such a file exists,
authentication succeeds. This way pam_console may be utilized to run some system applications (reboots, config tools) without root pass-
word, or to enter user password on the first system login only.
ARGUMENTS
debug turns on debugging
allow_nonroot_tty
gain console locks and change permissions even if the TTY's owner is not root.
handlersfile=filename
tells pam_console.so to get the list of the handlers from a different file than /etc/security/console.handlers
EXAMPLE
/etc/pam.d/some-system-tool:
auth sufficient pam_rootok.so
auth required pam_console.so
/etc/pam.d/some-login-service:
auth sufficient pam_console.so
auth required pam_unix.so
session required pam_unix.so
session optional pam_console.so
FILES
/var/run/console/
/var/run/console/console.lock
/etc/security/console.apps
/etc/security/console.handlers
SECURITY NOTES
When pam_console "auth" is used for login services which provide possibility of remote login, it is necessary to make sure the application
correctly sets PAM_RHOST variable, or to deny remote logins completely. Currently, /bin/login (invoked from telnetd) and gdm is OK, others
may be not.
SEE ALSO
console.perms(5)
console.apps(5)
console.handlers(5)
pam_console_apply(8)
/usr/share/doc/pam*/html/index.html
BUGS
Let's hope not, but if you find any, please report them via the "Bug Track" link at http://bugzilla.redhat.com/bugzilla/
AUTHORS
Michael K. Johnson <johnsonm@redhat.com>
Support of console.handlers and other improvements by Tomas Mraz <tmraz@redhat.com>
Red Hat 2005/10/4 pam_console(8)