Re: Passwd aging per user - HP-UX 11.31 (1531 Views)
Reply
Advisor
Posts: 24
Registered: ‎07-14-2011
Message 1 of 6 (1,565 Views)
Accepted Solution

Passwd aging per user - HP-UX 11.31

Hi,

 

I've set security policies in "/etc/default/security":

 

PASSWORD_MAXDAYS=90
PASSWORD_MINDAYS=20
PASSWORD_WARNDAYS=15

and I want some users don't be affected by these settings. So I remove the "Password aging" (through smh or command line) and it works. But everytime the users change their passwords, the password aging is applied again. Is this the normal or expected behavior? Is there any way to fix it to permanently disable the password aging only in a given user?

 

Best Regards,

Acclaimed Contributor
Posts: 25,614
Registered: ‎03-06-2006
Message 2 of 6 (1,559 Views)

Re: Password aging per user - HP-UX 11.31

Are you using standard or trusted mode?

Advisor
Posts: 24
Registered: ‎07-14-2011
Message 3 of 6 (1,554 Views)

Re: Password aging per user - HP-UX 11.31

Standard mode (/etc/shadow not /tcb).

Frequent Advisor
Posts: 51
Registered: ‎11-06-2007
Message 4 of 6 (1,531 Views)

Re: Passwd aging per user - HP-UX 11.31

Hi,

 

If you want to make exceptions for few users in standard mode then you may use "password -x 1 username"

 

where 1=number of days in which the user account should get locked.

 

In trusted mode, to set such policy for specific user please use "/usr/lbin/modprpw –l –m mintm=0 exptm=0 lftm=0 expwarn=0 username"

 

Hope this will help you on your query asked.

 

Thanks & Regards,

Chirag Parikh

Advisor
Posts: 24
Registered: ‎07-14-2011
Message 5 of 6 (1,526 Views)

Re: Passwd aging per user - HP-UX 11.31

[ Edited ]

Hi,

 

As I've said, I've managed to disable password aging for certain users. The problem is every time one of such users change its password, the password aging is applied again. And the system is not trusted. Please, take a time to read my first post.

 

Regards,

 

Advisor
Posts: 24
Registered: ‎07-14-2011
Message 6 of 6 (1,493 Views)

Re: Passwd aging per user - HP-UX 11.31

Hi,

 

As I suppossed, there is no way to disable these settings per user. Each time a user change its password, the settings in /etc/default/security are re-applied. And for account lifetime, it cannot be disabled with userdbset.

 

Regards,

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.