ITEM: D9044L

Changing the expiration date of one user

Question: 

 Can I change the expiration date of just one user's account and/or 
password?


Response:


Yes, you can change the expiration status of just one user's password or 
account.

ACCOUNT:
*******

You can make the changes directly in the /etc/security/user file.  There
is an "expires" attribute which you can set in the format of 
MMDDHHmmYY.  Where MM=month, DD=day, HH=hour, mm=minute, and YY=year.
You will be able to make the changes as root to the file and save them.  
The user account will expire on the date and time specified.

You can also do this through SMIT.

        Security & Users
        Users
        Change / Show Characteristics of a User
*)  Enter User Name
         EXPIRATION date (MMDDhhmmyy)
*)  type in the appropriate choice for this attribute.


PASSWORD:
********

In the /etc/security/login.cfg file there is a pw_restrictions stanza 
which contains password restrictions.  The "maxage" attribute defines the 
maximum age (in weeks) of a password for the users on the system.

You can't give each user a different expiration date, however you can 
make it so that the passwords of administrative users will not expire.

In order to do this you can use the "pwdadm" command as follows  

              "pwdadm -f NOCHECK \"

at the prompt, and the /etc/security/login.cfg guidelines established in
the pw_restrictions stanza will not be followed. 

                             -OR-

You can place the NOCHECK flag in the /etc/security/passwd file in the 
particular user's stanza under the "flags" attribute.

*) Ex:  user_name:
               passwd = HklasdfjhEI
               lastupdate = 746317954 
               flags = NOCHECK  



Support Line: Changing the expiration date of one user ITEM: D9044L

Dated: February 1994 Category: N/A

This HTML file was generated 99/06/24~13:30:55

Comments or suggestions?
Contact us