4 replies to this topic

[xDamox]

Hey all,

I thought I would do a little tutorial on how to force users to change their passwords when they first
login to the system.

Ok lets get started, first we will need to choose a user or create a users to enforce password chaning in my example
we will have a user called: znx and we want him to change his password when he logs in.

The thing we need to do is lock the account to make sure he doesn't login until we have finished so we
can issue the following:

usermod -L znx

Now that znx's account is locked we can change the password expiry date to 0 so he will be forced
to change the password:

chage -d 0 znx

Now znx's password has expired and we can now unlock his account with the following:

usermod -U znx

Done, that's all that is require to make the user znx change his password. When znx attempts to login he will
be presented with:

You are required to change your password immediately (root enforced)
Changing password for znx
(current) UNIX password:

Notice they have to enter their CURRENT password first before having to enter a new one.

[hybrid]

Does this work with GUIs as well? And if so, does it look nice or do users get presented with a nasty terminal window?

[xDamox]

Good question hybrid,

Last time I checked it did not work with X Windows I even emailed shadow man of the redhat magazine no reply
tho. If you do get it working with the GUI let me know

[znx]

a user like WHO ! .. i think this is copyright infringement

[xDamox]

Does this work with GUIs as well? And if so, does it look nice or do users get presented with a nasty terminal window?

On fedora core five it works excellent with X Windows really well handled