Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to deactivate a login

Status
Not open for further replies.
mm8294

mm8294

MIS
Oct 12, 2001
73
US
We need disable some user accounts. I know we can open SAM and deactivate user accounts, but there are hundreds of them and it takes too long. My boss said it can be done with 'usermod' and asked me to write a script to do it. However, I checked the man page of usermod and I don't think it can do it.

Does anybody know how to disable/deactivate user accounts with command line?


Thanks in advance.
 
Sort by date Sort by votes
I got it: you can user either 'passwd -l username' or 'usermod -e 6/14/06 username' to do it.


But, now the question is: how do enable those accounts through command?
 
Upvote 0 Downvote
I guess to enable them again you could just set the -e date parameter to a date later than the day you're issuing the command. You may have to reset the password at the same time.

I take it you're OK with the script to disable these accounts en-masse?
 
Upvote 0 Downvote
KenCuningham,

'usermod -e' should work if the accounts were disabled with the same command. If they were disabled with 'passwd -l', it won't.

Thank you very much.
 
Upvote 0 Downvote
as Ken wrote: using 'passwd -l username' you can not enable the user, since the encrypted password is replaced by a n asterisk in /etc/passwd

If you have converted your system into a secure system you could use getprpw and modprpw to check and set user attributes

Best Regards, Franz
--
UNIX System Manager from Munich, Germany
 
Upvote 0 Downvote
daFranze,

It's interesting: on hour system, the password for every account in /etc/passwd is '*'
 
Upvote 0 Downvote
this is depending on how you set up the host: you could use default UNIX behavour, password is encrypted and saved in /etc/passwd file; for higher security it is crypted and stored in /etc/shadow, and for paranoids ;-) hp offers the /tcb Structures
if you have the standard UNIX version a locked user has an undecryptable password like an asterisk

I currently participate in a hp Training in BadHomburg Germany and the passwd file looks like this:
Code: 
root@bhg168   [/root]
# head -5 /etc/passwd
root:9oTPronwCKT9w:0:3::/root:/sbin/sh
instr:5iIpsxhIAieBA:0:3:INSTRUCTOR USE ONLY:/home/instr:/sbin/sh
daemon:*:1:5::/:/sbin/sh
bin:*:2:2::/usr/bin:/sbin/sh
sys:*:3:3::/:

daemon, bin, sys are locked users

Best Regards, Franz
--
UNIX System Manager from Munich, Germany
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ziggy6
  • Locked
  • Question
Help using awk or some kind of Tool in Unix to Read a file, cut fields and write to a file
Replies
2
Views
1K
mikrom
mikrom
ziggy6
  • Locked
  • Question
Trying to Install Openssl 1.1.1. on SCO 5.0.7
Replies
0
Views
869
ziggy6
ziggy6
mduddytel
  • Locked
  • Question
Unix Root inbox - how to clear
Replies
0
Views
811
mduddytel
mduddytel
MikeDave888
  • Locked
  • Question
Run a Crontab job on odd/even weeks 1
Replies
2
Views
922
MikeDave888
MikeDave888
keerthi2016
  • Locked
  • Question
how list two files in a single command 1
Replies
4
Views
397
johnherman
johnherman

Part and Inventory Search

Sponsor

Back
Top