ian_j_albert
18th August 2010, 06:43
Hi guys,
Question on password aging... There have been quite a few postings on password aging on baanboard so my question is regarding how some you deal with it.
We are actually running AIX 6.1
1) We able to enforce Password Aging for the users but we find some impractical usability issues. We've followed things in Infor Solution 119781
and 117156
2) The ttstppwchange session goes into an infinite loop if you try to run it without being triggered by the ttstppwdaging session. Does anyone find this to be a troublesome thing as users can not change their passwords at will
3) Our problem is that when we first create an account in LN for a user, the MIS will know their password. We want to enforce a password change for the user. So what we do is the following
A) MIS personnel create an LN account for a user. OS User Password Policy has been set to force the password to expire when the user will login the first timee f. [Days to Warn user before Password Expires=365, Password Max Age (weeks)=52]
B) User Logs in for the first time in Webtop and ttstppwchange executes and user is forced to change password
C) User must call up and inform MIS that they have changed their password and MIS must now change the User Password Aging Policy so it will not expire next. [Days to Warn user before Password Expires=7, Password Max Age (weeks)=52].
The items in brackets are the aging policy we set for the user in AIX using smitty. We would like skip step C because it is troublesome for MIS to be involved in it. Does anyone face this same issue or use their own scripts.
There's this product that may do the trick but how does everyone handle this issue? Via custom Unix scripts? http://www.disus.com/components/login_controls.html
Question on password aging... There have been quite a few postings on password aging on baanboard so my question is regarding how some you deal with it.
We are actually running AIX 6.1
1) We able to enforce Password Aging for the users but we find some impractical usability issues. We've followed things in Infor Solution 119781
and 117156
2) The ttstppwchange session goes into an infinite loop if you try to run it without being triggered by the ttstppwdaging session. Does anyone find this to be a troublesome thing as users can not change their passwords at will
3) Our problem is that when we first create an account in LN for a user, the MIS will know their password. We want to enforce a password change for the user. So what we do is the following
A) MIS personnel create an LN account for a user. OS User Password Policy has been set to force the password to expire when the user will login the first timee f. [Days to Warn user before Password Expires=365, Password Max Age (weeks)=52]
B) User Logs in for the first time in Webtop and ttstppwchange executes and user is forced to change password
C) User must call up and inform MIS that they have changed their password and MIS must now change the User Password Aging Policy so it will not expire next. [Days to Warn user before Password Expires=7, Password Max Age (weeks)=52].
The items in brackets are the aging policy we set for the user in AIX using smitty. We would like skip step C because it is troublesome for MIS to be involved in it. Does anyone face this same issue or use their own scripts.
There's this product that may do the trick but how does everyone handle this issue? Via custom Unix scripts? http://www.disus.com/components/login_controls.html