viewing a locked account
 

hi all,

i have locked an account with usermod -L usrname.
i know i can unlock with -U switch.
but, where can i check that the account is locked or how can i check which r the accounts that r locked in the system?

thanks in advance,

suman:scratch:

If you look in /etc/passwd, locked accounts will have an exclamation mark (!) in the encrypted password section.

Exclamation mark is generally used, but as far as I understand, an account can be "locked" by adding a character into the encrypted password field in /etc/shadow (most systems don't have a password in /etc/passwd because it needs to be readable by the users, the encrypted password is stored in /etc/shadow instead) that "doesn't fit" there. It means that only certain characters can be used in the encrypted password, and if a character is found from the field that is not supposed to be there, the password is unreadable by the program and thus the account is locked.

hi,
thanks a lot to both of you guys.
thanks reddazz, for giving me the quick reply.
but as b0uncer said now a days the password stays in /etc/shadow.
thanks b0uncer, for your detailed explanation.
yes, i have found that my testuser is havin a ! mark in beginning of the password field in shadow.
so, this way i can check whether the login problem is due to disabled account.

thanks a lot guys,

suman

If you use shadow passwords, locking an account prepends an exclamation point to the encrypted password field.
Using usermod -U username removes the asterisk.

So "sudo sed -n '/^[[:alpha:]]*:\!/p' /etc/shadow" will list the locked accounts, which will include locked system accounts.

Actually, its my error there. I meant to say /etc/shadow and not /etc/passwd. Cheers for the correction.