Here are the answers I received along with my original question. One
thing that I was suprised by was that the a/c with the expired password
was still able to use that expired password to connect with netscape's
mail program to read and send mail. Our network manager said that a
different and less restrictive login procedure is used for IMAP.
Thanks for all the answers.
Rob
\\|//
(o -)
~~~~~~~~~~~oOOo~(_)~oOOo~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Robert K. Kubarych,
Asst. Director of Systems Admin. & Programming
Rockland Community College
Suffern, NY 10901
Phone: (914) 574-4799
Machine: DEC Alpha 4100 Phone: (914) 574-4799
OS: DU 4.0d Fax (914) 574 - 4354
Unidata Version: UDT 3.3.2-64
Colleague Versions: 16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---------- Forwarded message ----------
Date: Wed, 16 Jun 1999 09:35:52 +0100
From: Richard Rogers <r.m.rogers_at_staffs.ac.uk>
To: Robert Kubarych <rkubaryc_at_sunyrockland.edu>
Subject: Re: passwd life expired, even root can't reset
On Tue, 15 Jun 1999 11:35:46 -0400 (EDT) Robert Kubarych
<rkubaryc_at_sunyrockland.edu> wrote:
> Hi All,
>
> We are running c2 security. I had a user who had not used his a/c in so
> long that the passwd life expired. Even as root I could not change his
> passwd. I fixed it by renaming his dir, running userdel on his login,
> deleting him from /etc/passwd, and running edauth -r login on him. I then
> added him again and renamed the dir back. Is there an easier way around
> this? I thought there might be an entry in the edauth dbase that could be
> editted instead.
Yes, there is. I expect you will need to modify the date of last
successful password change (u_succhg) - that's what I end up doing in
these circumstances.
Richard
-----------------------------------
Richard Rogers
Information Technology Services
Staffordshire University
Tel: 01785 (+44 1785) 353395
E-mail: R.M.Rogers_at_staffs.ac.uk
...Sit back, relax, and soon it will just go away...
On Tue, 15 Jun 1999, Davis wrote:
>
> Date: Tue, 15 Jun 1999 12:00:10 -0400
> From: Davis <davis_at_tessco.com>
> To: 'Robert Kubarych' <rkubaryc_at_sunyrockland.edu>
> Subject: RE: passwd life expired, even root can't reset
>
> [The following text is in the "iso-8859-1" character set]
> [Your display is set for the "US-ASCII" character set]
> [Some characters may be displayed incorrectly]
>
> Robert,
>
> You can "unretire" the account and manually set the expiration fields to
> reasonable values.
>
> Alan Davis
>
On Tue, 15 Jun 1999, Ian Goodacre wrote:
>
> Date: Tue, 15 Jun 1999 11:53:51 -0400
> From: Ian Goodacre <ian.goodacre_at_mbs.gov.on.ca>
> To: rkubaryc_at_sunyrockland.edu
> Subject: Re: passwd life expired, even root can't reset
>
> I use edauth and enter a more recent password change time, after which I
> can reset the password. This is crude but effective. Hope you find a more
> elegant solution.
>
> Ian Goodacre
>
> Computer and Telecommunication Services (CTS)
> Management Board Secretariat
> 155 University Avenue, 8th floor
> Toronto, Ontario, M5H 3B7
> Tel: 416-327-1092
> Fax: 416-327-3281
Received on Wed Jun 16 1999 - 12:03:14 NZST