modprpw man page on HP-UX

Man page or keyword search:  
man Server   10987 pages
apropos Keyword Search (all sections)
Output format
HP-UX logo
[printable version]

modprpw(1M)							   modprpw(1M)

NAME
       modprpw - modify protected password database

SYNOPSIS

	username

       value,... ]  username

DESCRIPTION
       updates	the user's protected password database settings.  This command
       is available only to the superuser in a trusted system.

       Usage other than via SAM, and/or modifications out  of  sync  with  may
       result  in  serious database corruption and the inability to access the
       system.

       All updated values may be verified using the command.  See getprpw(1M).

       uses the configuration file default if  is  not	specified.   See  nss‐
       witch.conf(4).

   Options
       sets  user's  parameters as defined by the options specified.  At least
       one option is required.	If a field is not specified in the option then
       its value remains unchanged in the database.

       recognizes the following options:

       To add a new user entry and to return a random password
	    which  the	new user must use to login the first time.  This entry
	    has to be created with the given username and the

	    Error is returned if the user already exists.

	    May be combined with the option.

	    Unlike the command, it does	 not  create  nor  populate  the  home
	    directory, and it does not update

       This option is specified WITHOUT a user name to expire
	    all	 user's	 passwords.   It  goes	through the protected password
	    database and zeroes the successful change time of all users.   The
	    result  is	all  users  will need to enter a new password at their
	    next login.

	    May be combined with the option.

       This option is specified with a user name to expire
	    the specified user's password. It  zeroes  the  successful	change
	    time.

	    May be combined with the and/or options.

       To unlock/enable a user's account that has become disabled,
	    except when the lock is due to a missing password or * password.

	    May be combined with the and/or options.

       This option modifies data for a local user,
	    username.  This option must be specified with other options.

       Modify the database field to the specified value
	    and/or resets locks.  Valid with one of the following options: or

	    A  list  of database fields may be used with comma as a delimiter.
	    An "invalid-opt" is printed, and processing terminates, if a  list
	    of database fields passed to contains an invalid database field.

	    Boolean values are specified as YES, NO, or DFT for system default
	    values Numeric values are specified as positive numbers, 0, or -1.
	    If	the  -1	 is  specified,	 the  numeric value in the database is
	    removed, allowing the system default value to be used.  Time  val‐
	    ues	 are  specified	 in  days, although the database keeps them in
	    seconds.

	    No aging is present if the following 4 database parameters are all
	    zero:

	    Unless  specified  by  all	database  fields can be set.  They are
	    listed below in the order shown in The database fields  are	 fully
	    explained in prpwd(4).

	    DATABASE FIELD

	    database

	    database

				Set  the  uid of the user.  No sanity checking
				is done on this value.

	    database

	    database

	    database

				Set boot authorization privilege,  removes  it
				from the user file.

	    database

				Set  audit  id.	 Automatically	limited not to
				exceed the next available id.

	    database

				Set audit flag.

	    database

				Set the minimum time interval between password
				changes (days). 0 = none.  Same as non-trusted
				mode minimum time.

	    database

				Set the maximum	 password  length  for	system
				generated passwords.

	    database

				Set  password expiration time interval (days).
				0 = not expired.   Same	 as  non-trusted  mode
				maximum time.

	    database

				Set  password  life time interval (days).  0 =
				infinite.

	    database

				Modified by options maybe

	    database

	    database

				Set account expiration time  interval  (days).
				This  interval	is  added to "now" to form the
				value in the database (database 0 = no expira‐
				tion).

	    database

				Set the last login time interval (days).  Used
				with

	    database

				Set password expiration warning time  interval
				(days). 0 = none.

	    database		Obsoleted field.

	    database

				Set whether User Picks Password,

	    database

				Set  whether  system  generates	 pronounceable
				passwords,

	    database

				Set if generated password  is  restricted,  If
				password will be checked for triviality.

	    database

				Set whether null passwords are allowed, is not
				recommended!

	    database		Obsolescent field.

	    database		Obsoleted field.

	    database

				Set whether system generates passwords	having
				characters only,

	    database

				Set  whether system generates passwords having
				letters only,

	    database

				Set the time-of-day allowed for login.

				The format is:

				Where key has the following values:
				  - Monday
				  - Tuesday
				  - Wednesday
				  - Thursday
				  - Friday
				  - Saturday
				  - Sunday
				  -  everyday
				  - Monday -> Friday

				  and Starttime and Endtime  are  in  military
				  format: HHMM, where:
				  00 <= HH <= 23, and 00 <= MM <= 59.

	    database

	    database

	    database

	    database

	    database

	    database

				Set  Maximum Unsuccessful Login tries allowed.
				0 = infinite.

	    database

				Set the administrator lock,

       This option is specified WITHOUT a user name to
	    "validate/refresh" all user's passwords.  It goes through the pro‐
	    tected  password  database	and sets the successful change time to
	    the current time for all users. The	 result	 is  that  all	user's
	    password aging restarts at the current time.

	    May be combined with the option.

       This option is specified with a user name to
	    "validate/refresh"	the  specified	user's	password.  It sets the
	    successful change time to the current time.

	    May be combined with the and/or options.

       Delete the user's password and return a random password that
	    the user must later supply to the login process to login and  pick
	    a new password. Not valid for root.	 Also resets locks.

	    May be combined with the option.

RETURN VALUE
	      0	     Success.
	      1	     User not privileged.
	      2	     Incorrect usage.
	      3	     Can not find the entry or file.
	      4	     Can not change the entry.
	      5	     Not a Trusted System.

EXAMPLES
       Set  the	 Minimum  time	between password changes to 12 (days), set the
       System generates pronounceable password flag to NO, and set the	System
       generates password having characters only flag to YES.

       The  following  example	is to restrict the times that user joeblow can
       get on the system on Mondays and Fridays to 5PM-9PM, and	 Sundays  from
       5AM-9AM. Other days are not restricted.

WARNINGS
       This  command  is  intended  for SAM use only.  It may change with each
       release and can not be guaranteed to be backward compatible.

       Several database fields interact with others.  Side effects may not  be
       apparent until much later.

       Special meanings may apply in the following cases:

	      · an absent field,
	      · a field without a value,
	      · a field with a zero value.

       Very little, if any checking is done to see if values are valid.	 It is
       the user's responsibility to range check values.

       HP-UX 11i Version 3 is the last	release	 to  support  trusted  systems
       functionality.

FILES
       System Password file
       Protected Password Database
       System Defaults Database

AUTHOR
       was developed by HP.

SEE ALSO
       getprpw(1M), prpwd(4), nsswitch.conf(4).

				TO BE OBSOLETED			   modprpw(1M)
[top]

List of man pages available for HP-UX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net