How to : Change Password Expiration Policy in Solaris

avklinux · 11-20-2008, 07:54 PM

Hello

any one have any idea for Changing Password Expiration Policy in Solaris

Thanks

Varang

TB0ne · 11-21-2008, 09:28 AM

Quote:

Originally Posted by avklinux

Hello

any one have any idea for Changing Password Expiration Policy in Solaris

Tried Google, or Solaris forums?

/etc/default/passwd is the file related to password aging. Edit that file to suit your needs.

Blinker_Fluid · 11-21-2008, 11:53 AM

In etc shadow you should have a line for each user that looks something like this:
bob:uQI6r6XZeYL3s:14186:7:60:28:::

explanation:
username : password hash:date password was set : Min password days: max password Days: warning days : inactive : Expire : Flag

These values are pulled out of /etc/default/passwd as TB0ne indicated however can be overwritten by editing /etc/shadow directly.

in /etc/default/passwd you should have something like this:
MAXWEEKS=9
MINWEEKS=1
WARNWEEKS=2
PASSLENGTH=6

TB0ne · 11-21-2008, 12:37 PM

Quote:

Originally Posted by Blinker_Fluid

In etc shadow you should have a line for each user that looks something like this:
bob:uQI6r6XZeYL3s:14186:7:60:28:::

explanation:
username : password hash:date password was set : Min password days: max password Days: warning days : inactive : Expire : Flag

These values are pulled out of /etc/default/passwd as TB0ne indicated however can be overwritten by editing /etc/shadow directly.

in /etc/default/passwd you should have something like this:
MAXWEEKS=9
MINWEEKS=1
WARNWEEKS=2
PASSLENGTH=6

You should NEVER edit /etc/shadow directly..it's very dangerous. Can cause all sorts of problems, not the least of which is no one being able to log in at all, from anywhere.

If you want to change what users are currently set to, use the passwd command, and specify the new values.