From: Colin Jenkins (cdj@ANTALIS.CO.UK)
Date: Wed Apr 14 2004 - 06:46:40 EDT
Thanks Efty,
I saw this but did not realize what it meant. Just tried it and this works fine. I can now modify my script to 'clean' up the 'flags = NOCHECK' although given what I am doing there is no real need.
Regards,
Colin
----
Colin Jenkins
Antalis
UK
-----Original Message-----
From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU] On Behalf Of Eftychios Eftychiou
Sent: 14 April 2004 11:13
To: aix-l@Princeton.EDU
Subject: Re: flags = ADMCHG
Colin,
Check out the "pwdadm -f NOCHECK <user>" command. This will reset the ADMCHG flag. Regards, efty . . . ______________________________________________________________________
Eftychios Eftychiou | Computer Center
I.T.Officer | University of Cyprus
Tel...... +357-22-892135 (ext.2135) | P.O.Box 537
Fax...... +357-22-756082 | 1678 Nicosia
E-mail... efty@ucy.ac.cy | CYPRUS
_______________________________________|______________________________
_o
_`\<,_
.......(_)/ (_)
On Wed, 14 Apr 2004, Colin Jenkins wrote:
> I have 3 AIX boxes for which I synchronize passwords for a subset of
> the user accounts.
>
> I do this by a script which once a day copies /etc/security/passwd
> from the 'master' box and then slots in the password for each of the
> users in the subset into /etc/security/passwd on the other 2 boxes,
> the script also removes ADMCHG if 'flags = ADMCHG' is set.
>
> Users normally telnet to the master box and them from a menu rlogin to
> the other boxes which fires off the selected application.
>
> This all seems to work fine.
>
> My problem is that when I create a new user, then flags = ADMCHG is
> set on all boxes. This means that when this new user signs in to the
> 'master' box, they are prompted to change their password, when they
> select an application on one of the other boxes, then unless my
> 'password copy' script has run, then they are prompted to change their
> password again.
>
> Is there any way I can unset 'flags = ADMCHG' for a user ?
>
> I have been looking through the docs, but have not been able to see
> anything.
>
> Please excuse the lengthy preamable to a simple question, but I though
> it best to (try) and explain the background.
>
> Regards,
>
> Colin
>
> ---
>
> Colin Jenkins
> Antalis
> UK
>
>
>
> **********************************************************************
> ****************************
> The contents of this email and any attachments are confidential.
> It is intended for the named recipient(s) only.
> If you have received this email in error please notify the system manager or the
> sender immediately and do not disclose the contents to any one or make copies.
>
> ** eSafe scanned this email for viruses, vandals and malicious content
> **
> **************************************************************************************************
>
**************************************************************************************************
The contents of this email and any attachments are confidential.
It is intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or the
sender immediately and do not disclose the contents to any one or make copies.
** eSafe scanned this email for viruses, vandals and malicious content **
**************************************************************************************************
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:17:49 EDT