Differences

This shows you the differences between two versions of the page.

--- aix:user_mgmt [2021/10/19 18:15]
manu
+++ aix:user_mgmt [2024/02/07 14:40] (current)
manu [Unlock a user]
@@ Line 1: / Line 1: @@
 ====== Users and group management ======
+===== Create group / user =====
+List a user with his parameters
+<cli prompt='#'>
+[root@aix01]/root# lsuser -f root
+root:
+        id=0
+        pgrp=system
+        groups=system,bin,sys,security,cron,audit,lp
+        home=/root
+        shell=/usr/bin/ksh93
+        auditclasses=general
+        login=true
+        su=true
+        rlogin=true
+        daemon=true
+        admin=true
+        sugroups=ALL
+        admgroups=
+        tpath=nosak
+        ttys=ALL
+        expires=0
+        auth1=SYSTEM
+        auth2=NONE
+        umask=22
+        registry=files
+        SYSTEM=compat
+        logintimes=
+        loginretries=0
+        pwdwarntime=0
+        account_locked=false
+        minage=0
+        maxage=0
+        maxexpired=-1
+        minalpha=2
+        minloweralpha=1
+        minupperalpha=1
+...
+[root@aix01]/root# lsuser -a id home root
+root id=0 home=/root
+</cli>
+===== User password management =====
+Add to the following commands **-R LDAP** if LDAP is used, default is **-R files**
 Set password for user user1
@@ Line 20: / Line 66: @@
 To check with particular user’s last password changed in AIX.
 Admin can check by execute following command
-<cli>
+<cli prompt='#'>
 root@aix-server1:/etc/security# pwdadm -q user3
 user3:
@@ Line 27: / Line 73: @@
 To determine when a password was last set or changed, as indicated in the last update value in pwdadm output. The UTC time stamp in seconds will need to be converted into a more meaningful current date time stamp.
-<cli>
+<cli prompt='#'>
 root@aix-server1:/etc/security# perl -le ‘print scalar localtime 1406597936’
 Tue Jul 29 09:38:56 2014
 </cli>
+read failed login
+<cli prompt='#'>
+root@aix-server1:/etc/security# who -a /etc/security/failedlogin
+root      - ssh         Jan 21 09:43      ?
+root      - ssh         Jan 21 13:25      ?
+root      - ssh         Jan 21 14:36      ?
+</cli>
+===== Unlock a user =====
+Reset count
+<cli prompt='#'>
+root@aix-server1:/root# lsuser -a unsuccessful_login_count user1
+user1 unsuccessful_login_count=7
+root@aix-server1:/root# chsec -f /etc/security/lastlog -a "unsuccessful_login_count=0" -s user1
+</cli>
+Unlock
+<cli prompt='#'>
+root@aix-server1:/root# lsuser -a account_locked user1
+user1 account_locked=true
+root@aix-server1:/root# chuser account_locked='false' user1
+</cli>
+===== Check connexions =====
+<cli prompt='#'>
+root@aixsrv /root# last -f /var/adm/wtmp
+root      pts/1        172.10.10.10           Feb 07 14:05 - 14:05  (00:00)
+user1     pts/1        172.10.10.20           Feb 07 14:05 - 14:05  (00:00)
+user2     pts/1        172.10.10.12           Feb 07 14:05 - 14:05  (00:00)
+root      pts/1        172.10.10.32           Feb 07 12:27 - 12:29  (00:02)
+root      pts/0        172.10.10.32           Feb 07 10:52   still logged in
+kkpk      ftp          timesrv.test.lan       Feb 07 02:32 - 02:32  (00:00)
+</cli>

wiki

User Tools

Site Tools

Differences

Page Tools