|
aix:user_mgmt [2021/09/02 17:36] manu created |
aix:user_mgmt [2024/02/07 14:40] (current) manu [Unlock a user] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Users and group management ====== | ====== Users and group management ====== | ||
| + | |||
| + | ===== Create group / user ===== | ||
| + | |||
| + | List a user with his parameters | ||
| + | <cli prompt='#'> | ||
| + | [root@aix01]/root# lsuser -f root | ||
| + | root: | ||
| + | id=0 | ||
| + | pgrp=system | ||
| + | groups=system,bin,sys,security,cron,audit,lp | ||
| + | home=/root | ||
| + | shell=/usr/bin/ksh93 | ||
| + | auditclasses=general | ||
| + | login=true | ||
| + | su=true | ||
| + | rlogin=true | ||
| + | daemon=true | ||
| + | admin=true | ||
| + | sugroups=ALL | ||
| + | admgroups= | ||
| + | tpath=nosak | ||
| + | ttys=ALL | ||
| + | expires=0 | ||
| + | auth1=SYSTEM | ||
| + | auth2=NONE | ||
| + | umask=22 | ||
| + | registry=files | ||
| + | SYSTEM=compat | ||
| + | logintimes= | ||
| + | loginretries=0 | ||
| + | pwdwarntime=0 | ||
| + | account_locked=false | ||
| + | minage=0 | ||
| + | maxage=0 | ||
| + | maxexpired=-1 | ||
| + | minalpha=2 | ||
| + | minloweralpha=1 | ||
| + | minupperalpha=1 | ||
| + | ... | ||
| + | [root@aix01]/root# lsuser -a id home root | ||
| + | root id=0 home=/root | ||
| + | </cli> | ||
| + | |||
| + | ===== User password management ===== | ||
| + | |||
| + | Add to the following commands **-R LDAP** if LDAP is used, default is **-R files** | ||
| Set password for user user1 | Set password for user user1 | ||
| Line 9: | Line 55: | ||
| <cli> | <cli> | ||
| echo user1:passwd1 | chpasswd -c | echo user1:passwd1 | chpasswd -c | ||
| + | </cli> | ||
| + | |||
| + | You can also remove the flag ADMCHG from /etc/security/passwd using | ||
| + | <cli> | ||
| + | pwdadm -c user1 | ||
| + | </cli> | ||
| + | |||
| + | ==== How to read user password was last changed in AIX ==== | ||
| + | |||
| + | To check with particular user’s last password changed in AIX. | ||
| + | Admin can check by execute following command | ||
| + | <cli prompt='#'> | ||
| + | root@aix-server1:/etc/security# pwdadm -q user3 | ||
| + | user3: | ||
| + | lastupdate = 1406597936 | ||
| + | </cli> | ||
| + | |||
| + | To determine when a password was last set or changed, as indicated in the last update value in pwdadm output. The UTC time stamp in seconds will need to be converted into a more meaningful current date time stamp. | ||
| + | <cli prompt='#'> | ||
| + | root@aix-server1:/etc/security# perl -le ‘print scalar localtime 1406597936’ | ||
| + | Tue Jul 29 09:38:56 2014 | ||
| + | </cli> | ||
| + | |||
| + | read failed login | ||
| + | <cli prompt='#'> | ||
| + | root@aix-server1:/etc/security# who -a /etc/security/failedlogin | ||
| + | root - ssh Jan 21 09:43 ? | ||
| + | root - ssh Jan 21 13:25 ? | ||
| + | root - ssh Jan 21 14:36 ? | ||
| + | </cli> | ||
| + | |||
| + | ===== Unlock a user ===== | ||
| + | |||
| + | Reset count | ||
| + | <cli prompt='#'> | ||
| + | root@aix-server1:/root# lsuser -a unsuccessful_login_count user1 | ||
| + | user1 unsuccessful_login_count=7 | ||
| + | root@aix-server1:/root# chsec -f /etc/security/lastlog -a "unsuccessful_login_count=0" -s user1 | ||
| + | </cli> | ||
| + | |||
| + | Unlock | ||
| + | <cli prompt='#'> | ||
| + | root@aix-server1:/root# lsuser -a account_locked user1 | ||
| + | user1 account_locked=true | ||
| + | root@aix-server1:/root# chuser account_locked='false' user1 | ||
| + | </cli> | ||
| + | |||
| + | ===== Check connexions ===== | ||
| + | |||
| + | <cli prompt='#'> | ||
| + | root@aixsrv /root# last -f /var/adm/wtmp | ||
| + | root pts/1 172.10.10.10 Feb 07 14:05 - 14:05 (00:00) | ||
| + | user1 pts/1 172.10.10.20 Feb 07 14:05 - 14:05 (00:00) | ||
| + | user2 pts/1 172.10.10.12 Feb 07 14:05 - 14:05 (00:00) | ||
| + | root pts/1 172.10.10.32 Feb 07 12:27 - 12:29 (00:02) | ||
| + | root pts/0 172.10.10.32 Feb 07 10:52 still logged in | ||
| + | kkpk ftp timesrv.test.lan Feb 07 02:32 - 02:32 (00:00) | ||
| </cli> | </cli> | ||