Solved

How to list security policy of Red Hat Linux, specifically need password expiration and grace period thereof

Posted on 2010-11-11
6
615 Views
Last Modified: 2012-05-10
Hello,
I am running Red Hat Enterprise Linux Server release 5.2 and it has a security policy that expires passwords after 90 days. I want to find out specifically what the grace period is (if any) and generally how to list all of the terms of the security policy.
Thank you,
Peter
0
Comment
Question by:pdegregorio
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 17

Accepted Solution

by:
sweetfa2 earned 250 total points
ID: 34116378
chage --list user
0
 

Author Comment

by:pdegregorio
ID: 34116705
Thanks for the quick reply. Here are my results

ast password change                                    : Nov 11, 2010
Password expires                                        : Feb 09, 2011
Password inactive                                       : Feb 09, 2011
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 5

I interpret this as meaning that if I don't change my password by Feb 09, 2011 I will be locked out and have to get help from the system administrator. At that point what does the administrator do? Is there a command to reactivate the user so they can log in and change their own password?
0
 
LVL 17

Expert Comment

by:sweetfa2
ID: 34116803
As far as I recall you will not be able to login after this date without changing your password.  

I don't believe that it makes your account inactive.

The account expires value would be the one that you would be concerned about in that case.

The super-user could re-activate your password simply by changing it with the passwd command.

0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 40

Assisted Solution

by:noci
noci earned 250 total points
ID: 34116824
you can change the password on behalf of the use by passwd.
Or the chage command can be used to (re)set the last password date to something so it is still valid for few days.
0
 

Assisted Solution

by:pdegregorio
pdegregorio earned 0 total points
ID: 34117051
Thanks experts ... OK so the system has a 90 day expiration so the following command

chage -d `date +"%Y-%m-%d" -d -89days` THE_USER

will set the user's last password change to 89 days ago and they can log in today and change their password with passwd. If they don't do it today they are locked out again. Perfect.

0
 

Author Closing Comment

by:pdegregorio
ID: 34143566
My comment (zero points) is accepted as part of the solution because it gives a specific and practical use example.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question