3 Replies Latest reply: Aug 28, 2012 6:23 PM by Soory RSS

    Password soon to expire

    user1466636
      Hello - is there a way within a script to reset a password that is SOON to be expired? will passwd -u reset the counter to expire? or is there another command that will? THanks

      Edited by: user1466636 on Aug 23, 2012 7:10 AM
        • 1. Re: Password soon to expire
          CyberNinja
          You could just change the date in the /etc/shadow file. This will give you more time. The 3rd field is the last password change field and this will be the part you will need to change. This fix works on local accounts and you need to be root to edit the shadow file.

          Also passwd -x does the same thing as above.
          # passwd -x 90
          The example above sets your account to have 90 days between password changes. Again you need to be root.

          If your a NIS, NIS+ or LDAP user then you can do this.
          # passwd -r files -x 90
          In the example above only use -r with one option like -r ldap. Again you need to be root.

          You can also use usermod to modify the user account. Again you need to be root.
          • 2. Re: Password soon to expire
            885866
            yes, "passwd -u" resets the expiration counter and will be safer than manually editing the /etc/shadow file. this will also keep you in line with any existing security requirements as opposed to eliminating the expiration or extending the time period.
            • 3. Re: Password soon to expire
              Soory
              passwd -u unlocks a locked account.

              To set password expiry use passwd -x -1 <some value>, eg. passwd -x -1 90, the value 90 here set the password to expire after 90 days.