Solved

password policy AIX IBM commands

Posted on 2014-02-11
2
1,353 Views
Last Modified: 2014-02-11
is there a command on AIX IBM to list the password policy (and account lockout) for all accounts on an AIX IBM system? i assume some accounts may be subject to different policy settings...
0
Comment
Question by:pma111
2 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 39850112
The command to use (for all users) is

lsuser ALL

("ALL" in uppercase)

This will give you quite a lot of output.

The flags which might be of interest to you are:

expires, pwdwarntime, account_locked, minage, maxage,  maxexpired, minalpha, minother, mindiff, maxrepeats, minlen, histexpire, histsize, pwdchecks

So:

lsuser -a expires pwdwarntime account_locked minage maxage maxexpired minalpha minother mindiff maxrepeats minlen histexpire histsize pwdchecks ALL

will show only the mentioned flags.

Replace ALL wit a username or a comma-separated list of usernames to see the settings for a subset of your user community, like this:

lsuser -a expires pwdwarntime account_locked minage maxage maxexpired minalpha minother mindiff maxrepeats minlen histexpire histsize pwdchecks user1,user2,user3

See "man chuser" (!) or look here:
http://publib.boulder.ibm.com/infocenter/aix/v7r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds1%2Fchuser.htm
for detailed info on the meaning of the single flags.

If you have difficulties understanding the concept or some flags please don't hesitate to ask, I'll explain.
0
 
LVL 3

Author Closing Comment

by:pma111
ID: 39850123
thanks again..
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now