password policy AIX IBM commands

Posted on 2014-02-11
Last Modified: 2014-02-11
is there a command on AIX IBM to list the password policy (and account lockout) for all accounts on an AIX IBM system? i assume some accounts may be subject to different policy settings...
Question by:pma111
LVL 68

Accepted Solution

woolmilkporc earned 500 total points
ID: 39850112
The command to use (for all users) is

lsuser ALL

("ALL" in uppercase)

This will give you quite a lot of output.

The flags which might be of interest to you are:

expires, pwdwarntime, account_locked, minage, maxage,  maxexpired, minalpha, minother, mindiff, maxrepeats, minlen, histexpire, histsize, pwdchecks


lsuser -a expires pwdwarntime account_locked minage maxage maxexpired minalpha minother mindiff maxrepeats minlen histexpire histsize pwdchecks ALL

will show only the mentioned flags.

Replace ALL wit a username or a comma-separated list of usernames to see the settings for a subset of your user community, like this:

lsuser -a expires pwdwarntime account_locked minage maxage maxexpired minalpha minother mindiff maxrepeats minlen histexpire histsize pwdchecks user1,user2,user3

See "man chuser" (!) or look here:
for detailed info on the meaning of the single flags.

If you have difficulties understanding the concept or some flags please don't hesitate to ask, I'll explain.

Author Closing Comment

ID: 39850123
thanks again..

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now