Prompt 4 passwd change after every 3 months

varunkant · 11-24-2008, 11:42 PM

Hello Everyone

Just a quickie question about PAM

how can we make linux to prompt for password change after every 3 months..

Thanks

billymayday · 11-25-2008, 12:45 AM

Will passwd -x do what you want?

anomie · 11-25-2008, 12:56 PM

See the manpages for chage(1).

varunkant · 11-26-2008, 08:10 AM

Hi

Thanks for that, but if i have 300 users in company , i cant do this for every user.
What i am looking for is a policy file somewhere in pam.d , which is universily defined for every user ( that they have to change password every 3 - 4 months )

Thanks for ur answer...

Acron_0248 · 11-26-2008, 08:35 AM

Can't you just use the /etc/login.defs file? like:

Code:

PASS_MAX_DAYS 90
PASS_MIN_DAYS 1
PASS_WARN_AGE 7

anomie · 11-26-2008, 06:39 PM

Quote:

Originally Posted by Acron_0248

Can't you just use the /etc/login.defs file?

He probably should update login.defs for new accounts, but - from the manpages for login.defs(5):

Quote:

PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE are only used at the
time of account creation. Any changes to these settings won’t affect
existing accounts.

---

Quote:

Originally Posted by varunkant

Thanks for that, but if i have 300 users in company , i cant do this for every user.

Sure you can.

%awk -F: '{print $1}' /etc/passwd > accounts-file

Hand-edit accounts-file to remove system accounts and any other exceptions - e.g. root (do not forget this step). Set up a for loop to iterate through all accounts in accounts-file and update their expirations via chage.

That's just one approach.

Acron_0248 · 11-26-2008, 07:09 PM

Quote:

Originally Posted by anomie

He probably should update login.defs for new accounts, but - from the manpages for login.defs(5):

Quote:

PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE are only used at the
time of account creation. Any changes to these settings won’t affect
existing accounts.

---

Ohh, I see, thanks for clarifying