pmccorkle
asked on
Verifying password expiration settings in HP-UX
I am new to HP-UX systems and prior system administration documentation at this site indicate the by entering a ,A/ between the userid and uid will set an automatic expiration of 90 days. Is that correct? How can I verify that the expiration is being set. This is on HP-UX 10 and 11.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Password aging is put in effect for a particular user if his encrypted
password in the password file is followed by a comma and a nonnull
string of characters from the above alphabet. (Such a string must be
introduced in the first instance by a superuser.) This string defines
the "age" needed to implement password aging.
The first character of the age, M, denotes the maximum number of weeks
for which a password is valid. A user who attempts to login after his
password has expired is forced to supply a new one. The next
character, m, denotes the minimum period in weeks that must expire
before the password can be changed. The remaining characters define
the week (counted from the beginning of 1970) when the password was
last changed (a null string is equivalent to zero). M and m have
numerical values in the range 0 through 63 that correspond to the 64-
character set of "digits" shown above. If m = M = 0 (derived from the
string . or ..), the user is forced to change his password next time
he logs in (and the "age" disappears from his entry in the password
file). If m > M (signified, for example, by the string ./), then only
a superuser (not the user) can change the password. Not allowing the
user to ever change the password is discouraged, especially on a
trusted system.