Expiring a password manually - SUMMARY from Brian Weaver on 1995-09-13 (tru64-unix-managers)

From: Brian Weaver <weaver_at_pr1.k12.co.us>
Date: Tue, 12 Sep 1995 09:33:59 -0600 (MDT)

I got my answer to the question of manually expiring a password
on an account to force the user to change it. Here are the
responses I received..

--------------------

>From pdf_at_morgan.ucs.mun.ca Mon Sep 11 19:26:11 1995
Received: from piva.ucs.mun.ca by alpha.pr1.k12.co.us; (5.65/1.1.8.2/16Jul95-0251PM)
id AA04462; Mon, 11 Sep 1995 19:26:07 -0600
Received: from plato.ucs.mun.ca (pdf_at_plato.ucs.mun.ca [134.153.2.151]) by piva.ucs.mun.ca (8.6.12/8.6.9) with ESMTP id WAA00677 for <weaver_at_pr1.k12.co.us>; Mon, 11 Sep 1995 22:52:37 -0230
From: Paul David Fardy <pdf_at_morgan.ucs.mun.ca>
Received: (pdf_at_localhost) by plato.ucs.mun.ca (8.6.12/8.6.9) id WAA26888; Mon, 11 Sep 1995 22:52:37 -0230
Message-Id: <199509120122.WAA26888_at_plato.ucs.mun.ca>
To: Brian Weaver <weaver_at_pr1.k12.co.us>
Subject: Re: Expiring a password
In-Reply-To: Your message of "Mon, 11 Sep 95 13:14:45 MDT."
<Pine.OSF.3.91.950911131248.10391A-100000_at_alpha.pr1.k12.co.us>
Reply-To: pdf_at_morgan.ucs.mun.ca
Return-Receipt-To: pdf_at_morgan.ucs.mun.ca
Date: Mon, 11 Sep 95 22:52:36 -0230
Status: RO
X-Status:

Your message dated: Mon, 11 Sep 95 13:14:45 MDT
>Is there a way under enhanced security to manually expire a password
>so the user is forced to change it when they log in? I'm writing
>a bunch of perl stuff to automate adding accounts, and I'd
>like to give newusers a random password, and force them to
>change it the first time they use it. I looked at the manual
>for the u_exp field, but this is an expiration interval, not
>a flag that says "password is currently expired"

Delete or don't add the u_succhg field. I don't know if this is
documented (I don't have the docs here), but I discovered this by
accident (I set ":u_succhange#<now>:"). Setting ":u_succhg#0:"
would lock the account, assuming passwords expire.

Paul Fardy

--
Paul David Fardy                      |  pdf_at_morgan.ucs.mun.ca
Computing and Communications          |  pdf_at_InfoNET.st-johns.nf.ca
Memorial University of Newfoundland   |
St. John's, NF  A1C 5S7               |
>From siegelr_at_teleport.com Mon Sep 11 19:36:46 1995
Received: from desiree.teleport.com by alpha.pr1.k12.co.us; (5.65/1.1.8.2/16Jul95-0251PM)
	id AA05381; Mon, 11 Sep 1995 19:36:45 -0600
Received: from 204.119.62.241 (ip-pdx08-49.teleport.com [204.119.62.241]) by desiree.teleport.com (8.6.12/8.6.9) with SMTP id SAA19290 for <weaver_at_pr1.k12.co.us>; Mon, 11 Sep 1995 18:33:19 -0700
Date: Mon, 11 Sep 1995 18:33:19 -0700
Message-Id: <199509120133.SAA19290_at_desiree.teleport.com>
From: siegelr_at_teleport.com
Subject: Re: Expiring a password
To: Brian Weaver <weaver_at_pr1.k12.co.us>
X-Mailer: AIR Mail 3.X (SPRY, Inc.)
Status: RO
X-Status: 
> Date: Mon, 11 Sep 1995 13:14:45 -0600 (MDT)
> From: Brian Weaver <weaver_at_pr1.k12.co.us>
> Subject: Expiring a password
> To: OSF managers <alpha-osf-managers_at_ornl.gov>
> Is there a way under enhanced security to manually expire a password
> so the user is forced to change it when they log in? I'm writing
> a bunch of perl stuff to automate adding accounts, and I'd
> like to give newusers a random password, and force them to
> change it the first time they use it. I looked at the manual
> for the u_exp field, but this is an expiration interval, not
> a flag that says "password is currently expired"
I pre-expire passwords by setting the successful password change field to 0 
(u_succhg#0) after I change the password.  I guess if you wanted to be really 
precise, you could subtract u_exp from the current time and use that for 
u_succhg but I don't think it matters.  Zero seems to work just fine.

Received on Tue Sep 12 1995 - 18:35:30 NZST

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:45 NZDT