03-08-2012
Can you post "lsuser -a user_name" for this user?
What does "maxexpired" in /etc/security/user have to say for this user? If it's -1, the user will not be forced to change the password even after the maxage duration.
Last edited by admin_xor; 03-08-2012 at 05:55 PM..
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
Anyone know the command which identifies how long a user has before their password expires?
I also need to know how I would write and expr to calculate the difference between 2 dates.
e.g. 28/03/05 - 18/03/05 = 10
I was told there is a date function which shows you no of days since... (1 Reply)
Discussion started by: sureshy
1 Replies
2. HP-UX
We are trying to implement an Password Aging system that will force UNIX Accounts to change their passwords every 3 mons or so. This will be done my our Server Support Provider.
We want to identify UNIX IDs that connects to our server via ftp,scp,sftp and other special connection protocols. IN... (2 Replies)
Discussion started by: tads98
2 Replies
3. AIX
Hi All,
I am using AIX
I need to get the Unix "password Expiration Days".
I know that "shadow" file contains this information. But shadow file can only be read by root.
Note that password expiration date will be set differently for diferrent user accounts. I need to get the inormation for... (0 Replies)
Discussion started by: raj_vkr
0 Replies
4. Solaris
Hello
can anyone explain where can be found logic for user password expiration on solaris as well as on reliant UNIX??
there is not much help of /etc/security directory..does not exist!
any help? (3 Replies)
Discussion started by: abdulaziz
3 Replies
5. Linux
Hi All,
I have this user on my /etc/shadow:
mysql:$1$vmw4r078$4.lp6z2s0KJYHKXTuPG2x0:13556:0::12:::
The 5 column is blank. Does it mean the user has no password expiration.
Thanks in advance for any idea. (1 Reply)
Discussion started by: itik
1 Replies
6. Solaris
Hello,
I am using Solaris 10 with CDE and like to change the behaviour of the login process.
I have a user account that is configured for password aging.
Currently, when his password expires, CDE prompts him to change his password when login in.
What I'd like is that the user cannot... (5 Replies)
Discussion started by: gorfou
5 Replies
7. AIX
Hi guys,
A simple question. which mecanism send an email to an unix user for the expiration of his password?
Thank you! (4 Replies)
Discussion started by: Chapel
4 Replies
8. UNIX for Advanced & Expert Users
Hello,
I want to write a script to check for the password expiration date in each server for the user by logging to each server and notify user through mail. If password is about to expire or if already expired , it should also be notified to user by mail. Any help or idea to build this will be... (1 Reply)
Discussion started by: baraghun
1 Replies
9. Ubuntu
Hello Team,
I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password.
Using PAM we can do it,... (1 Reply)
Discussion started by: paragnehete
1 Replies
10. Shell Programming and Scripting
Dear Concern,
I want to write a shell script in linux for mail notification of users whose password is about to expire within 7 days or already has expired. Is there any alternative way except to check the "date" command output and compare it with "chage -l username" command output. Please... (1 Reply)
Discussion started by: makauser
1 Replies
shadow(4) Kernel Interfaces Manual shadow(4)
NAME
shadow - shadow password file
SYNOPSIS
DESCRIPTION
The file is created from the file by the command. It is readable only by a privileged user. It can be modified by the and commands. Pro-
grams may use the interfaces described in the getspent(3C) manpage to access this information. These functions return a pointer to an
structure, which is defined in the header file.
Fields
The file is an ASCII file consisting of any number of user entries separated by newlines. Each user entry line consists of the following
fields separated by colons:
login name Each login name must match a login name in puts the user entries in in the same order as the entries.
encrypted password
The password field of each entry contains an "x", and the actual encrypted passwords reside in The encrypted password field
consists of 13 characters chosen from a 64-character set of "digits". The characters used to represent "digits" are for 0,
for 1, through for 2 through 11, through for 12 through 37, and through for 38 through 63.
If the SHA11i3 product is installed, the password field may contain the prefix , where n is a label identifying an alterna-
tive algorithm used for the password hash. Using the new algorithm results in an encrypted password field which is longer
than 13 characters. The password field will consist of digits from the same 64-character set, as well as the additional
character used as a delimiter.
If this field is null, then there is no password and no password is demanded on login. Login can be prevented by entering a
character that is not a part of the set of digits (such as *).
last change
The number of days since January 1, 1970 that the password was last modified.
min days
The minimum period in days that must expire before the password can be changed. See also in security(4) and the command in
passwd(1).
max days
The maximum number of days for which a password is valid. A user who attempts to login after his password has expired is
forced to supply a new one. If min days and max days are both zero, the user is forced to change his password the next time
he logs in. If min days is greater than max days, then the password cannot be changed. These restrictions do not apply to
the superuser. See also in security(4) and the command in passwd(1).
warn days
The number of days the user is warned before his password expires. See also in security(4) and the command in passwd(1).
inactivity
The maximum number of days of inactivity allowed. This field is set with the option of either the or command. If this value
is greater than zero, then the account is locked if there have been no logins to the account for at least the specified num-
ber of days. If this value is less than or equal to zero, the value is determined by the attribute. See the description of
in security(4).
expiration
The absolute number of days since Jan 1, 1970 after which the account is no longer valid. A value of zero in this field
indicates that the account is locked.
reserved
The reserved field is always zero and is reserved for future use.
Notes
The file is not applicable to a system which has been converted to a trusted system.
WARNINGS
HP-UX 11i Version 3 is the last release to support trusted systems functionality.
FILES
system password file
shadow password file
SEE ALSO
login(1), passwd(1), pwconv(1M), pwunconv(1M), useradd(1M), userdel(1M), usermod(1M), crypt(3C), getspent(3C), putspent(3C), nss-
witch.conf(4), passwd(4), security(4).
shadow(4)