On Thu, 25 Mar 2004, shane c branch wrote:
Steven J. Yellin wrote: > I've never done this, but > useradd -D -e expire_date -f inactive_days > might do approximately what you want.
I finally got a chance to start playing around with this today. Yes, the information you provided combined with a reading of the following:
http://www.netsys.com/cgi-bin/display_article.cgi?1088
and I am close to accomplishing my goal. I now have the useradd program defaults set to my expiration requirements. And with the script provided at the link above, creating users should be even easier.
However, I'm still confused as to how to apply the password max age policy to existing users. I'm sure it's in the documentation, but I'm just not making the connection.
Maybe it would work to just edit /etc/shadow. "man 5 shadow" says what the various fields (stuff between ":") mean.
I figured it out not too long after posting that email.
Following the previous suggestion, I did:
#useradd -D to see what my defaults were then #useradd -D -e186
to set the system wide expiration date. That takes care of any future users.
Then for current users #passwd -w14 -x186 username
that set the warning and the max age for the current users. The current users did have to reset passwords, but that's a small price to get the policy in place.
-- regards,
shane
-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
