Board index Aix

NIS and (pre)expired passwords

NIS and (pre)expired passwords

Post by Klaus Wack » Wed, 12 Feb 1992 02:30:13



We have one NIS master server and one slave server (both RS6000-550, AIX
3.1.5).  On the slave server, I renamed /bin/passwd to something else.
Under the name /bin/passwd I installed something which tells people to
please use yppasswd.

Suppose I create a new user.  I use smit, also to give him an initial
password (BTW, why doesn't smit prompt me for that?).  User logs in on
the slave server (he's supposed to, he has his home directory there),
using the initial password, and is immediately asked to change his
password.  He does so.  Later, he logs out and logs in again.  The new
password doesn't work.  He has to use the old initial password and is
again asked to change the password.  This goes on forever or until user
uses yppasswd to really change his password.

I guess the same will happen when a password expires, but we haven't
had the machines long enough for this to happen.

This is clearly not an acceptable situation.  What have I done wrong?

Regards,


| /  |  _       __  | | |  _   _ |     _   _  Klaus Wacker, Exp.Physik V
|/\  |  _\ | | (_   | | |  _\ /  |_)  /_) |   Uni Dortmund, Postfach 500500
|  \_|_(_|_|_|___)  |_|_|_(_|_\__| \_/\___|   D-4600 Dortmund 50
                                              +49 (231) 755 3587

 
 
 
Top

NIS and (pre)expired passwords

Post by Kevin Coy » Wed, 12 Feb 1992 09:07:41



>We have one NIS master server and one slave server (both RS6000-550, AIX
>3.1.5).  On the slave server, I renamed /bin/passwd to something else.
>Under the name /bin/passwd I installed something which tells people to
>please use yppasswd.

>Suppose I create a new user.  I use smit, also to give him an initial
>password (BTW, why doesn't smit prompt me for that?).  User logs in on
>the slave server (he's supposed to, he has his home directory there),
>using the initial password, and is immediately asked to change his
>password.  He does so.  Later, he logs out and logs in again.  The new
>password doesn't work.  He has to use the old initial password and is
>again asked to change the password.  This goes on forever or until user
>uses yppasswd to really change his password.

>I guess the same will happen when a password expires, but we haven't
>had the machines long enough for this to happen.

>This is clearly not an acceptable situation.  What have I done wrong?

Changing to "expires = 0" under "default:" in /etc/security/user is
one way to solve your problem... :-)

 
 
 
Top

NIS and (pre)expired passwords

Post by John F Haugh » Thu, 13 Feb 1992 00:13:42



>We have one NIS master server and one slave server (both RS6000-550, AIX
>3.1.5).  On the slave server, I renamed /bin/passwd to something else.
>Under the name /bin/passwd I installed something which tells people to
>please use yppasswd.

[ details deleted ... ]

Quote:>This is clearly not an acceptable situation.  What have I done wrong?

There are supposed to be APARs since 3.1.5 which deal with problems
with NIS.  The problem is (as you might have guessed) that /bin/passwd
and friends (actually, I think it is the newpass() function) don't
update the NIS servers.
--
John F. Haugh II        | Every 56 days.   | UUCP: ...!cs.utexas.edu!rpp386!jfh

SigVirusGuard 1.1: Don't Post News Without It!  [ now in handy mail size too! ]

 
 
 
Top

NIS and (pre)expired passwords

Post by Curt Finch 903 2F021 c.. » Fri, 14 Feb 1992 00:28:27


Quote:>There are supposed to be APARs since 3.1.5 which deal with problems
>with NIS.  The problem is (as you might have guessed) that /bin/passwd
>and friends (actually, I think it is the newpass() function) don't
>update the NIS servers.

John is correct.
a22470 contains this fix.  Among other things, I changed the passwd and
pwdadm commands to execute yppasswd in the case that the password of
the user in question comes from NIS.

--


My views are unrelated to those of IBM     |        Austin, TX
 "A little rebellion is a good thing now and then" - Thomas Jefferson

 
 
 
Top

1. Pre expire password working in telnet not ssh

Hello,

Environment:RH linux 7.2, openssh v 3.4

I am setting up users in the following manner:

for user "q"

#Set last day of change to Jan 1 1970 + 1day
chage  -d 1 q
#set passwd to expire in 180 days
chage -M 180

#view results:

Minimum:        0
Maximum:        180
Warning:        7
Inactive:       -1
Last Change:            Jan 02, 1970
Password Expires:       Jul 01, 1970
Password Inactive:      Never
Account Expires:        Never

Looks good.

I have the user ssh into the machine:


I have the user telnet into the machine:
You are required to change your password immediately (password aged)
Changing password for q
(current) UNIX password:    

The users can login and change their passwords
through telnet OK  and they then are setup to be expired 180 days from
today.


Minimum:        0
Maximum:        180
Warning:        7
Inactive:       -1
Last Change:            Jul 15, 2002
Password Expires:       Jan 11, 2003
Password Inactive:      Never
Account Expires:        Never

However, the whole point of this machine was security, so telnet is
not an option, just for troubleshooting the password change.

How do we get this to work over ssh?

Thanks!
-john

2. Obtaining diskinfo

3. Expiring passwords under NIS ?

4. miro dc1 video capture card

5. expired password with NIS

6. xdm help

7. password expired, solaris 2.5.1 and NIS+

8. eth0: device does not exist

9. NIS+ users and expired passwords

10. Expire NIS passwords

11. "Pre-GA" RISC Systems - Free upgrade offer expiring

12. M$ word descrabler---pre-pre-pre-release

13. Can't change NIS+ password in NIS+ client


All times are UTC
Board index