Forcing users to change password at login - Probably "Again"
Ben Kevan
ben.kevan at gmail.com
Mon Jul 14 22:37:36 UTC 2008
On Monday 14 July 2008 02:33:55 pm Hari N wrote:
> On Mon, Jul 14, 2008 at 5:24 PM, Hari N <hari2n at gmail.com> wrote:
> > Ben,
> >
> > After the line in your script where you create a new user, you could try
> > adding a line that will change the third field in /etc/shadow for that
> > new user and make that value zero. Basically passwd -f command does the
> > same. If this value is set to zero, it should prompt the user to change
> > his password when he logs in next time.
> >
> > Regards,
> > Hari
>
> I meant to send an example as well:
>
> cat /etc/shadow | grep username
> username:ovXk64RTyiOeR:*10360*
>
> change it to: username:ovXk64RTyiOeR:*0
> *
> See if this helps.
>
> Regards,
> Hari*
> *
I may have spoken too soon.
Even with shadow's 3rd option in RHEL4 being 0 it still allows me to su tuser
without changing the password:
tuser:paY93y97Lh8sA:0:0:99999:7:::
Again this works fine on a SUSE box (which I did my initial testing) ..
More information about the redhat-list
mailing list