automatically prompt user to change password

guy_ripper · 12-16-2006, 10:26 AM

Hi...

I'm thinking to ask this in the forum regarding automatically prompt new user to change password upon logging in. Users are being authenticated by LDAP server using Fedora 6 and I used webmin so that I could get a gui interface....

Any ideas are welcome.. Thanks....

derekalan18 · 12-17-2006, 03:10 PM

if you want them to be prompted to change their password when logging in, just change their log-in shell to /bin/passwd

sysinit.d · 12-17-2006, 06:12 PM

Really, and what happens after they change their passwords. Do you think they will get any shell to work on ater that? And do you really want the users to change their passwords every-single-day!!??

I guess the question was to force users to change their passwords on their first logon attempt and not all the damn they login ...

Rite mate?

Quote:

Originally Posted by derekalan18

if you want them to be prompted to change their password when logging in, just change their log-in shell to /bin/passwd

live_dont_exist · 12-18-2006, 12:38 AM

Hey Guy_Ripper,
You might want to look at this link....
http://www.die.net/doc/linux/man/man1/chage.1.html

I quote the relevant stuff here...
====================================================================================
-E, --expiredate EXPIRE_DATE
Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again.
====================================================================================

sysinit.d · 12-23-2006, 08:40 PM

Ya true ... if u want the users to be prompted for changing their passswords on their first logon attempt, just expire all user accounts, so that they will prompted to change their passswords on their first logon attempt

do this >>

chage -E 0 user_name (This will expire the user, cuz 0 stands for Jan 1,1970)

chage -E -1 user_name makes the user account expire NEVER

chage -E YYYY-MM-DD .. use this to expire the user account on the day you want it to ...

Just check out the manual page for the chage command ... that would fit all ur requirements I am sure ...

thanx

SysInitD

mbradbones · 01-17-2007, 11:02 AM

This is fine if you want the user to have to contact the system admin to change their password.

"-E, --expiredate EXPIRE_DATE
Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again. "

How can one force a password change so the user can enter the new password without contacting the admin?

Like on HPux or Sun systems(not 5.8 - bug), you can use the passwd -f userid, thus when user logs in and enters the temporary password, they are then prompted to enter a new password.

mbradbones · 01-18-2007, 10:26 AM

Got my answer, saw another thread and used mix of -d, -M
newbie am I

mbradbones · 01-18-2007, 01:57 PM

This is what I have found to work:

chage -M 90 -d 0 user_id

The -M 90 - sets password to expire every 90 days
The -d 0 - Sets the last date password was changed, in this case it is 01-01-1970

Use chage -l user_id to see the settings.

Know that all you experts out there think this is dumb post, but I hope to help other newbies