<div>I don't know about Linux, but on Solaris you can do a passwd -f <user> in order to force their password to expire making them have to change it on next login.</div>
<div> </div>
<div>As far as disabling accounts of 30 days of non-use, I know of no automated way of doing this.<br>Perhaps you can set the passwords to expire every 25 days and then your ability to disable the account after 5 days fo the password being expired will put you within compliance.
</div>
<div> </div>
<div>Our systems do not have users on them except for the Sys Admins. They are all application servers and we aren't really concerned with this type of stuff. We just kill someone's account once they leave the company (the user database is only about 10 users!)
<br> </div>
<div><span class="gmail_quote">On 8/18/05, <b class="gmail_sendername">Barry Von Ahsen</b> <<a href="mailto:barry@vonahsen.com">barry@vonahsen.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Yea for government mandated busywork!<br><br>I've gotten nearly everything done except two (pam can do a lot, I'm not
<br>surprised, but I'd never needed to check):<br><br>User must change password on initial login - I could write a script to<br>set chage to 1 if they haven't logged in, and to $max_pass_age after,<br>but is there a better way?
<br><br>and<br><br>Disable user accounts after 30 days idle - I have chage -m 0 -M 65 -I 5<br><user> which will disable an account 5 days after the password expires,<br>which is close enough for me, but probably not for the SEC
<br><br>anybody else gone through this joy?<br><br>-barry<br><br><br>_______________________________________________<br>Cialug mailing list<br><a href="mailto:Cialug@cialug.org">Cialug@cialug.org</a><br><a href="http://cialug.org/mailman/listinfo/cialug">
http://cialug.org/mailman/listinfo/cialug</a><br></blockquote></div><br>