Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Automating UNIX/Solaris password resets
Top Forums UNIX for Beginners Questions & Answers Automating UNIX/Solaris password resets Post 303037196 by Neo on Thursday 25th of July 2019 12:48:21 PM
Old 07-25-2019
I think is is pretty common these days to create web-based interfaces to change user passwords, even for shell accounts.

It can be more secure to do it via a well-written web interface than giving employees direct access to the shell.

In addition, a well written web-based interface can easily enforce local organizational policies for password strength, etc.

You can do a lot with a well-written web app these days.

However, if you do not have a lot of experience writing web apps, creating a password-changing app is not the best place to get started.

On the other hand, it really depends on the "criticality" of the application.

To properly advise, I would need to know the "criticality" of the application. All applications are not created equal and IT security is not a "one size fits all" profession.

Cheers.
This User Gave Thanks to Neo For This Post:
hicksd8
 

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

automating password ?

Hi all, I want to write a script which logs into a database (DB2). To do this i need to have a password. This will be done lots and lots of times, so i need to modify the script to automate the response to the password request. How do i this, because at present i do the following: db2 connect... (3 Replies)
Discussion started by: Liamo
3 Replies

2. UNIX for Dummies Questions & Answers

Automating password change

Hi, I'm trying to create a shell to change some user password with random string. I've tried to use stdin redirection to supply the new password by a response file: passwd theuser < respfile but I continue to be prompted for supplying pwd via console keyboard. Can you help me to... (2 Replies)
Discussion started by: nisant
2 Replies

3. Shell Programming and Scripting

Automating Database scripts in UNIX

Hi everybody, can someone please suggest me how to implement the running of SQL table scripts(.sql) at a specific time automatically in UNIX ?Thanks (2 Replies)
Discussion started by: konquistador
2 Replies

4. UNIX for Dummies Questions & Answers

Automating UNIX backups?

Hi all, I'm quite limited in UNIX unfortunately for me, and need to find a solution to something thats giving me headaches every morning. We need to make daily backups of a server we have in the office every morning, as well as then FTPing the created backup files over to a specific FTP address... (3 Replies)
Discussion started by: de049
3 Replies

5. Shell Programming and Scripting

automating ssh session with password

Hi Can anyone help me in automate a ssh session with password using shell script (7 Replies)
Discussion started by: raghav288
7 Replies

6. Shell Programming and Scripting

automating username / password entry

I have a database that contains a list of server names, and the password for the root user on several servers (100+). I need to verify the passwords for each of the servers in an automated fashion because the database continues to grow. All of the users that I'm going to test are ROOT. I can't... (1 Reply)
Discussion started by: jbeck22
1 Replies

7. UNIX for Advanced & Expert Users

Automating Interactive password change

I have written the below scripts . ldap_pwd_prompt.ksh #!/usr/bin/ksh passwd -r ldap interactive_pwd_change.exp #!/usr/local/bin/expect set timeout 10 set curpass set newpass spawn ./ldap_pwd_prompt.ksh expect "Enter existing login password:" send "$curpass\r" expect "New... (6 Replies)
Discussion started by: dr46014
6 Replies

8. UNIX for Advanced & Expert Users

Automating Password reset without shell usage

Our application runs on AIX and the users of the application do not have a way to land at the prompt/shell by any means. When they login to the box, the application opens up directly. I would like to know of a way to automate the password reset process for these user ids, without them having to... (2 Replies)
Discussion started by: ggayathri
2 Replies

9. Solaris

Automating old Boot Environment Cleanup Solaris 11

I'm trying to automate the patching process using scripts and cronjobs in Solaris 11. one of the things I'd like to do is cleanup the old boot environments. unfortunately beadm destroy requires a response :~$ pfexec beadm destroy -f solaris-13 Are you sure you want to destroy... (3 Replies)
Discussion started by: os2mac
3 Replies

LEARN ABOUT HPUX

pwd_strengthd

pwd_strengthd(1m)														 pwd_strengthd(1m)

NAME

       pwd_strengthd - The sample Password Management Server

SYNOPSIS

       pwd_strengthd [+/-all[_spaces]] [+/-alp[ha_num]]
       [-c[ache_size]] size [-d[ebug]]
       [-m[in_len]] pwd_min_len [-t[imeout]] minutes
       [-v[erbose]]

OPTIONS

       Allow  passwords  to be all spaces. If this option is not set, the effective registry policy is used.  Disallow passwords to be all spaces.
       If this option is not set, the effective registry policy is used.  Allow passwords to consist only  of  alphanumeric  characters.  If  this
       option is not set, the effective registry policy is used.  Disallow passwords to consist only of alphanumeric characters. If this option is
       not set, the effective registry policy is used.	Specify the number of hash buckets in the password cache. The password cache  is  used	to
       store  generated passwords which are retrieved when the password is strength checked. The password cache is a hash table with a linked list
       for collisions. The size should be set to a reasonable value based on how large the cache will be on average.  The  default  value  if  not
       specified  is  100.  Run in the foreground. Log messages are written to standard output.  Specify the minimum length of a password. If this
       option is not set, the effective registry policy is used.  Specify the time, in minutes, that  generated  passwords  remain  in	the  cache
       before  they are deleted from memory. If this option is not specified, the default time is 30 minutes.  Runs in verbose mode. More detailed
       messages are sent to the logfile $DCELOCAL/var/security/pwd_strengthd.log.  (Use of this option is recommended.)

DESCRIPTION

       DESCRIPTION

       pwd_strengthd is a sample Password Management Server. It exports the rsec_pwd_mgmt application programming interface.

       pwd_strengthd generates passwords and strength-checks them. It enforces	the  security  registry  policy  for  password	strength-checking.
       Administrators can override the security registry policy via the command-line options (alpha_num, all_spaces, min_len.)

       Administrators can subject principals to password-strength and -generation policies by attaching the following ERAs: Specifies the password
       management policy the user must conform to when selecting passwords.  Specifies information required in order to connect  to  the  password
       management server.

       See the OSF DCE Administrator's Guide -- Core Services for more information and examples.  You may want to enhance pwd_strengthd to support
       your site's policies for password strength and generation.

																 pwd_strengthd(1m)
All times are GMT -4. The time now is 06:43 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy