[SunHELP] Fixing Expired accounts?
Will Mc Donald
wmcdonald at ntlworld.com
Thu Sep 5 02:31:08 CDT 2002
Reading up on password aging in the O'Reily Essential System Administration
book, once an account's been expired/locked out the password field in
/etc/shadow is replaced with something like an asterix, or *LK*.
>From shadow's man page...
Each entry in the shadow file has the form:
username:password:lastchg: min:max:warn:
inactive:expire:flag
password A 13-character encrypted password for the user, a
lock string to indicate that the login is not
accessible, or no string, which shows that there
is no password for the login.
There will be a "lock string" in the second field. You could either edit
/etc/shadow and remove the "lock string" or
passwd -d $user
deleting their password and in the process setting it to null, you'll then
need to set a new one yourself, it appears the user can't (at least on the box
I've just tested, Solaris 7).
The book also mentions a passwd -u $user which unlocks the account (opposite
of the -l option) but I can see no mention of this in the man page so it
doesn't appear to be implemented in Solaris.
Will.
----- Original Message -----
From: "Ben Ricker" <bricker at wellinx.com>
To: "Sun Help List" <sunhelp at sunhelp.org>
Sent: Wednesday, September 04, 2002 3:06 PM
Subject: [SunHELP] Fixing Expired accounts?
> I have password aging on a number of Solaris 8 boxes and I am having the
> HARDEST time figuring out how to unexpire an account. I cannot find
> ANYTHING in the man pages or reference books about how to unexpire a
> password aged account. Can someone point me to some information about
> the procedure?
More information about the SunHELP
mailing list