05-25-2014 06:00 AM - last edited on 05-25-2014 08:05 PM by maikoro
we're running an HP9000 container running 11.11 on an Integrity server running 11.31; the apps run on the 11.11 container and the user log directly into it.
What I want to know is, when a user's password needs resetting they get presented with the dialog offering them the choice of a pronouncable system-generated password, an unpronouncable one, or the option to create their own.
We want to alter this behaivour so that the only option is for them to create their own without the initial "select which option" dialog. All that "man passwd" mentions is:
" When passwd is invoked on a trusted system, the existing password is
requested (if one is present). This initiates the password
solicitation dialog which depends upon the type of password generation
(format policy) that has been enabled on the account doing the passwd
command. There are four possible options for password generation: "
but I can't see where to alter the "password solicitation dialog". Anyone able to help please?
P.S. This thread has been moevd from HP-UX > System Administration to Security. - Hp forum moderator
Solved! Go to Solution.
05-26-2014 08:56 AM
Looks like your container is using the HP-UX Trusted System Mode.
In a real 11.11, this change could be made with the modprpw command for a specific user:
modprpw -m usrpick=YES,syspnpw=NO,syschpw=NO,sysltpw=NO username
(the possible settings for each option are YES, NO, or DFT = use a system-wide default)
Or if you want to change the system-wide (or maybe container-wide in your case) default settings:
/usr/lbin/modprdef -m usrpick=YES,syspnpw=NO,syschpw=NO,sysltpw=NO
05-27-2014 08:54 AM
Yes, that's it, thanks, the modprpw commands did the trick.
We're running trusted on the containers but the host machine is not, so 'modprdef' isn't working., but we'll fix that at next restart time.