Solved

Verifying password expiration settings in HP-UX

Posted on 2004-09-16
2
1,922 Views
Last Modified: 2013-12-04
I am new to HP-UX systems and prior system administration documentation at this site indicate the by entering a ,A/ between the userid and uid will set an automatic expiration of 90 days.  Is that correct? How can I verify that the expiration is being set.  This is on HP-UX 10 and 11.
0
Comment
Question by:pmccorkle
2 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 125 total points
ID: 12076288
don't think so.
Can you please tell us which authetification scheme you're using on that system.
0
 

Author Comment

by:pmccorkle
ID: 12082818
I got the answer to my own question and the answer is yes.

Password aging is put in effect for a particular user if his encrypted
password in the password file is followed by a comma and a nonnull
string of characters from the above alphabet.  (Such a string must be
introduced in the first instance by a superuser.) This string defines
the "age" needed to implement password aging.

The first character of the age, M, denotes the maximum number of weeks
for which a password is valid.  A user who attempts to login after his
password has expired is forced to supply a new one.  The next
character, m, denotes the minimum period in weeks that must expire
before the password can be changed.  The remaining characters define
the week (counted from the beginning of 1970) when the password was
last changed (a null string is equivalent to zero).  M and m have
numerical values in the range 0 through 63 that correspond to the 64-
character set of "digits" shown above.  If m = M = 0 (derived from the
string . or ..), the user is forced to change his password next time
he logs in (and the "age" disappears from his entry in the password
 file).  If m > M (signified, for example, by the string ./), then only
 a superuser (not the user) can change the password.  Not allowing the
 user to ever change the password is discouraged, especially on a
 trusted system.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question