[techtalk] password policy?
Nicole Zimmerman
colby at wsu.edu
Tue Jun 19 10:54:36 EST 2001
Thanks Caity :o)
<snip intro>
> chage -M 90 -W 10 <username>
>
> will set the account of username to expire every 90 days and issue a
> warning that the password is going to expire 10 days in advance. This
> command actually edits the /etc/shadow file to produce the desired results.
Will I have to do this for every username? Yes I can write a script (which
I have done a lot of lately), but if there is an easy way to do it
automatically that would be nice :o)
<snip the pam_cracklib stuff>
Good that I can use one tool to do it all, or at least most of it. I
couldn't find the password policy explicit on our local win2k domain
controller, I think it is inherited from the peer-ish domain controller or
I would be able to get exact details on what the policy is beyond what is
in our written policy (win2k just says "meets complexity requirements" and
I couldn't navigate through the help for the life of me).
I'll have to dig up more on cracklib for appropriate use to meet/exceed
the windows policy.
thanks again,
-nicole
More information about the Techtalk
mailing list