wiki

User Tools

Site Tools

Trace:
aix:user_mgmt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
aix:user_mgmt [2021/09/02 17:36]
manu created 		aix:user_mgmt [2024/02/07 14:40] (current)
manu [Unlock a user]
Line 1: Line 1:
 ====== Users and group management ====== ====== Users and group management ======
 +
 +===== Create group / user =====
 +
 +List a user with his parameters
 +<cli prompt='#'>​
 +[root@aix01]/​root#​ lsuser -f root
 +root:
 +        id=0
 +        pgrp=system
 +        groups=system,​bin,​sys,​security,​cron,​audit,​lp
 +        home=/root
 +        shell=/​usr/​bin/​ksh93
 +        auditclasses=general
 +        login=true
 +        su=true
 +        rlogin=true
 +        daemon=true
 +        admin=true
 +        sugroups=ALL
 +        admgroups=
 +        tpath=nosak
 +        ttys=ALL
 +        expires=0
 +        auth1=SYSTEM
 +        auth2=NONE
 +        umask=22
 +        registry=files
 +        SYSTEM=compat
 +        logintimes=
 +        loginretries=0
 +        pwdwarntime=0
 +        account_locked=false
 +        minage=0
 +        maxage=0
 +        maxexpired=-1
 +        minalpha=2
 +        minloweralpha=1
 +        minupperalpha=1
 +...
 +[root@aix01]/​root#​ lsuser -a id home root
 +root id=0 home=/root
 +</​cli>​
 +
 +===== User password management =====
 +
 +Add to the following commands **-R LDAP** if LDAP is used, default is **-R files**
  
 Set password for user user1 Set password for user user1
Line 9: Line 55:
 <cli> <cli>
 echo user1:​passwd1 | chpasswd -c echo user1:​passwd1 | chpasswd -c
 +</​cli>​
 +
 +You can also remove the flag ADMCHG from /​etc/​security/​passwd using
 +<cli>
 +pwdadm -c user1
 +</​cli>​
 +
 +==== How to read user password was last changed in AIX ====
 +
 +To check with particular user’s last password changed in AIX.
 +Admin can check by execute following command
 +<cli prompt='#'>​
 +root@aix-server1:/​etc/​security#​ pwdadm -q user3
 +user3:
 +lastupdate = 1406597936
 +</​cli>​
 +
 +To determine when a password was last set or changed, as indicated in the last update value in pwdadm output. The UTC time stamp in seconds will need to be converted into a more meaningful current date time stamp.
 +<cli prompt='#'>​
 +root@aix-server1:/​etc/​security#​ perl -le ‘print scalar localtime 1406597936’
 +Tue Jul 29 09:38:56 2014
 +</​cli>​
 +
 +read failed login
 +<cli prompt='#'>​
 +root@aix-server1:/​etc/​security#​ who -a /​etc/​security/​failedlogin
 +root      - ssh         Jan 21 09:43      ?
 +root      - ssh         Jan 21 13:25      ?
 +root      - ssh         Jan 21 14:36      ?
 +</​cli>​
 +
 +===== Unlock a user =====
 +
 +Reset count
 +<cli prompt='#'>​
 +root@aix-server1:/​root#​ lsuser -a unsuccessful_login_count user1
 +user1 unsuccessful_login_count=7
 +root@aix-server1:/​root#​ chsec -f /​etc/​security/​lastlog -a "​unsuccessful_login_count=0"​ -s user1
 +</​cli>​
 +
 +Unlock
 +<cli prompt='#'>​
 +root@aix-server1:/​root#​ lsuser -a account_locked user1
 +user1 account_locked=true
 +root@aix-server1:/​root#​ chuser account_locked='​false'​ user1
 +</​cli>​
 +
 +===== Check connexions =====
 +
 +<cli prompt='#'>​
 +root@aixsrv /root# last -f /​var/​adm/​wtmp
 +root      pts/1        172.10.10.10 ​          Feb 07 14:05 - 14:05  (00:00)
 +user1     ​pts/​1 ​       172.10.10.20 ​          Feb 07 14:05 - 14:05  (00:00)
 +user2     ​pts/​1 ​       172.10.10.12 ​          Feb 07 14:05 - 14:05  (00:00)
 +root      pts/1        172.10.10.32 ​          Feb 07 12:27 - 12:29  (00:02)
 +root      pts/0        172.10.10.32 ​          Feb 07 10:52   still logged in
 +kkpk      ftp          timesrv.test.lan ​      Feb 07 02:32 - 02:32  (00:00)
 </​cli>​ </​cli>​
aix/user_mgmt.1630597018.txt.gz · Last modified: 2021/09/02 17:36 by manu

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki