You create the golden image presumably via some NIM-procedure. My suggestion is to have a post-install customization script which sets the root password to blank and raises the ADMCHG flag so that the next root logging on is required to set the PW.
It being weekend I have no AIX system at hand to test it, but that should work:
See the man page for the chpasswd command for details.
On another thought you may want to include such a post-install step into the regular NIM-setup of new systems so that - regardless of what golden image was delivered - the root password is always set to a constant value which you can tell the administrators. In regular intervals (like once a year, ...) you just change this post-install-script so that ALL newly iinstalled systems are set to this new password initially.
Hello,
I just finished adding a bunch of new users to the linux servers I administer. I add users either via command line or via linuxconf, but I can't seem to find out how to force users to change their passwords on their first login to the system.
Anyone know how to do that? My HP-UX... (1 Reply)
Hi,
I notice in my Sun Solaris 8 sparc worstation, I am able to change my password to same existing password.
That is, right now my password is abc, and I change it with "passwd" command and change it abc again. It will accept.
How can I make it such that it will not accept same password?... (3 Replies)
We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in.
I'm using AIX 5L version 5.2... (2 Replies)
hi
How can I force user to change of password by modifying the password expiry and the grace period so that the
user has at least 1 week to login and change the password...... (3 Replies)
hi
by modifying /etc/shadow
how can I Force a change of password so that user has at least 1 week to login?
I did it by using:
echo "enter username to force password change"
read user;
chage -M 7 $user;
How can I do it by modifying /etc/shadow?? (6 Replies)
Hello All,
How to force user to change his login passwd on his first login in solaris 10 ?
while adding user do we need to set the password in theis case?? (7 Replies)
Hi all,
Im having trouble setting up an FTP server and forcing SSL. At the moment i can connect to the server externally using normal FTP but when i try FTP with SSL i get
STATUS:> Connected. Exchanging encryption keys...
ERROR:> SSL: Error in negotiating... (5 Replies)
i do not have root on a solairs 10 server , however i do have the root role, i was wondering if I can change the root password as a a role with the passwd command? I have not tried yet.
and do i have to use the # chgkey -p afterwards?
i need to patch is why i am asking.
thanks (1 Reply)
Discussion started by: goya
1 Replies
LEARN ABOUT OPENSOLARIS
patchmedia
patchmedia(1M) System Administration Commands patchmedia(1M)NAME
patchmedia - modify Solaris media with patches and packages
SYNOPSIS
/usr/bin/patchmedia -d media-root [-v] [-o iso] [-l label]
pkg_or_patch [pkg_or_patch ...]
DESCRIPTION
The patchmedia utility takes a list of patches and packages as input and updates the install miniroot in media-root (the root directory of
an on-disk image of a Solaris installation media) to include the specified patches and packages. These patches and packages are also placed
in a subdirectory called DU under the Solaris install image. For example:
media-root/Solaris_10/DU
When booting a system from the updated media, the patches and packages will be part of the booted Solaris image. They will also be applied
to the target system being installed at the end of the installation process.
If -o is specified, a bootable ISO image is created in the file media.iso that contains the Solaris install media. The ISO image can then
be burned onto a CD/DVD with utilities such as cdrw(1) or cdrecord(1). (The latter is not a SunOS man page.)
OPTIONS
The following options are supported:
-d media-root
Top-level directory of on-disk image of Solaris installation media. This is option must be specified.
-o iso
Create a Solaris ISO image of media-root.
-l label
Label/volume name of the ISO image (if -o option is specified). If -o is not specified, the name of Solaris directory under media-root,
for example, Solaris_10, will be used.
-v
Verbose. Multiple -v options increase verbosity.
OPERANDS
The following operands are supported:
pkg_or_patch [pkg_or_patch ...]
One or more patches or packages (you can have both patches and packages in a single command) with which the Solaris installation media
media-root will be updated.
EXAMPLES
Example 1 Updating a Solaris Install Image with Patch and Package
The following command updates the Solaris install image in s10u1 by adding patch 123456-07 and package SUNWfoo.
# /usr/bin/patchmedia -d s10u1 SUNWfoo 123456-07
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
|Interface Stability |Committed |
+-----------------------------+-----------------------------+
SEE ALSO cdrw(1), mkcd(1M), attributes(5)mkisofs(8), (/usr/share/man/man8/mkisofs.8), in the SUNWfsman package (not a SunOS man page)
SunOS 5.11 29 Jul 2008 patchmedia(1M)