Post date: Mar 11, 2011 3:59:51 AM
PASSWORD AGING
Response after setting password aging in Apps tier development (appsdev.indonesiapower.corp)
on our previous settings have been setting up for a user expired on March 1, 2011 so that when on the date of March 2, 2011 we do login as root and as appldev then there will be notification that the password has expired and we have to change their password. Here is a look such notification :
ROOT
[root@orafin_web ~]# ssh 192.168.10.23
root@192.168.10.23's password:
You are required to change your password immediately (password aged)
Last login: Wed Mar 2 10:16:13 2011 from 192.168.100.14
Changing password for root
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
[root@appsdev ~]# chage -l root
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
APPLDEV
[tes@appsdev ~]$ su - appldev
Password:
You are required to change your password immediately (password aged)
Changing password for appldev
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
[appldev@appsdev ~]$ chage -l appldev
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
Nb :
Ø Because we change the password on March 2, 2011 so the Last Change have been changed to March 2, 2011.
Ø Password Expires also changed became May 01, 2011 because Password Expires = Last Change + Maximum.
Ø New password for root is appsdev23.
Ø New password for appldev is appsuserdev23.
Response after setting password aging in DB tier development (dbdev.indonesiapower.corp)
on our previous settings have been setting up for a user expired on March 1, 2011 so that when on the date of March 2, 2011 we do login as root and as appldev then there will be notification that the password has expired and we have to change their password. Here is a look such notification :
ROOT
[root@orafin_web ~]# ssh 192.168.10.22
root@192.168.10.22's password:
You are required to change your password immediately (password aged)
Last login: Wed Mar 2 08:49:26 2011 from orafin_web.indonesiapower.corp
Changing password for root
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
[root@dbdev ~]# chage -l root
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
ORADEV
[tes@dbdev ~]$ su - oradev
Password:
You are required to change your password immediately (password aged)
Changing password for oradev
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
[oradev@dbdev ~]$ chage -l oradev
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
Nb :
Ø Because we change the password on March 2, 2011 so the Last Change have been changed to March 2, 2011.
Ø Password Expires also changed became May 01, 2011 because Password Expires = Last Change + Maximum
Ø New password for root is rootdbdev22.
Ø New password for appldev is dbuserdev22.
Deploy on Apps tier Production (orafin_web.indonesiapower.corp)
Before Change (appldev):
[root@orafin_web ~]# chage -l appldev
Minimum: 0
Maximum: 99999
Warning: 7
Inactive: -1
Last Change: Oct 13, 2008
Password Expires: Never
Password Inactive: Never
Account Expires: Never
Before Change (root):
[root@orafin_web ~]# chage -l root
Minimum: 0
Maximum: 99999
Warning: 7
Inactive: -1
Last Change: Dec 08, 2010
Password Expires: Never
Password Inactive: Never
Account Expires: Never
Change the setting using command :
· /usr/bin/ chage -m 7 -M 60 -W 14 -d 2011-03-02 appldev
· /usr/bin/ chage -m 7 -M 60 -W 14 -d 2011-03-02 root
After Change (appldev) :
[root@orafin_web ~]# chage -l appldev
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
After Change (root) :
[root@orafin_web ~]# chage -l root
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
Nb :
Ø Minimum : A minimum of 7 days between password changes.
Ø Maximum : Password expiration after 60 days.
Ø Warning : Begin warning about password expiration 14 days in advance.
Ø Inactive : Set the number of days of inactivity after a password has expired before the account is locked. Passing the number -1 (Never) will remove an Inactive.
Ø Last Change : Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). The last change date was March, 2 2011
Ø Password Expires : Date when the password is expired and the to be changed. The password will be expired on May, 01 2011
Deploy on DB tier Production (orafin_db.indonesiapower.corp)
Before Change (oradev):
[root@orafin_db ~]# chage -l oracle
Minimum: 0
Maximum: 99999
Warning: 7
Inactive: -1
Last Change: Jun 21, 2010
Password Expires: Never
Password Inactive: Never
Account Expires: Never
Before Change (root):
[root@orafin_db ~]# chage -l root
Minimum: 0
Maximum: 99999
Warning: 7
Inactive: -1
Last Change: Dec 08, 2010
Password Expires: Never
Password Inactive: Never
Account Expires: Never
Change the setting using command :
· /usr/bin/ chage -m 7 -M 60 -W 14 -d 2011-03-02 oracle
· /usr/bin/ chage -m 7 -M 60 -W 14 -d 2011-03-02 root
After Change (oradev) :
[root@orafin_db ~]# chage -l oracle
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
After Change (root) :
[root@orafin_db ~]# chage -l root
Minimum: 7
Maximum: 60
Warning: 14
Inactive: -1
Last Change: Mar 02, 2011
Password Expires: May 01, 2011
Password Inactive: Never
Account Expires: Never
Nb :
Ø Minimum : A minimum of 7 days between password changes.
Ø Maximum : Password expiration after 60 days.
Ø Warning : Begin warning about password expiration 14 days in advance.
Ø Inactive : Set the number of days of inactivity after a password has expired before the account is locked. Passing the number -1 (Never) will remove an Inactive.
Ø Last Change : Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). The last change date was March, 2 2011
Ø Password Expires : Date when the password is expired and the to be changed. The password will be expired on May, 01 2011