Force password change

[xDamox]

Hey all,

 

I thought I would do a little tutorial on how to force users to change their passwords when they first

login to the system.

 

Ok lets get started, first we will need to choose a user or create a users to enforce password chaning in my example

we will have a user called: znx ;) and we want him to change his password when he logs in.

 

The thing we need to do is lock the account to make sure he doesn't login until we have finished so we

can issue the following:

 

Code:

usermod -L znx

 

Now that znx's account is locked we can change the password expiry date to 0 so he will be forced

to change the password:

 

Code:

chage -d 0 znx

 

Now znx's password has expired and we can now unlock his account with the following:

 

Code:

usermod -U znx

 

Done, that's all that is require to make the user znx change his password. When znx attempts to login he will

be presented with:

 

Code:

You are required to change your password immediately (root enforced)
Changing password for znx
(current) UNIX password:

 

Notice they have to enter their CURRENT password first before having to enter a new one.

[hybrid]

Does this work with GUIs as well? And if so, does it look nice or do users get presented with a nasty terminal window?

[xDamox]

Good question hybrid,

 

Last time I checked it did not work with X Windows :( I even emailed shadow man of the redhat magazine no reply

tho. If you do get it working with the GUI let me know :)

[znx]

a user like WHO ! .. i think this is copyright infringement :P

[xDamox]

Does this work with GUIs as well? And if so, does it look nice or do users get presented with a nasty terminal window?

 

On fedora core five it works excellent with X Windows really well handled :)