[Cialug] Sarbanes-Oxley related issues

[Barry Von Ahsen]

thanks, it doesn't have -f (it does, but it's to change the users real 
name), but it does have -e (which expires the password) and -d which 
deletes it.  well, debian does, mandrake doesn't

-barry


Jerry Weida wrote:
> I don't know about Linux, but on Solaris you can do a passwd -f <user> in 
> order to force their password to expire making them have to change it on 
> next login.
>  As far as disabling accounts of 30 days of non-use, I know of no automated 
> way of doing this.
> Perhaps you can set the passwords to expire every 25 days and then your 
> ability to disable the account after 5 days fo the password being expired 
> will put you within compliance.
>  Our systems do not have users on them except for the Sys Admins. They are 
> all application servers and we aren't really concerned with this type of 
> stuff. We just kill someone's account once they leave the company (the user 
> database is only about 10 users!)
>  On 8/18/05, Barry Von Ahsen <barry at vonahsen.com> wrote: 
> 
>>Yea for government mandated busywork!
>>
>>I've gotten nearly everything done except two (pam can do a lot, I'm not
>>surprised, but I'd never needed to check):
>>
>>User must change password on initial login - I could write a script to
>>set chage to 1 if they haven't logged in, and to $max_pass_age after,
>>but is there a better way?
>>
>>and
>>
>>Disable user accounts after 30 days idle - I have chage -m 0 -M 65 -I 5
>><user> which will disable an account 5 days after the password expires,
>>which is close enough for me, but probably not for the SEC
>>
>>anybody else gone through this joy?
>>
>>-barry
>>
>>
>>_______________________________________________
>>Cialug mailing list
>>Cialug at cialug.org
>>http://cialug.org/mailman/listinfo/cialug
>>
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug