AIX - Password MAX. AGE parameter

[pascalou3]

Hi All,

On a AIX, we used these parameters for each unix user:
Password MAX. AGE = 4 weeks
Password MIN. AGE = 2 weeks
It appears that TELNET or SU command ignore these parameters and allow
always the connection on the machine.

Can you explain to me why these programs ignore parameters ?
Is it normal ?

Regards,
Pascal.

[Flossyfloss]

Pascal,

Where did you set these parameters and how exactly did
you set them?
The file that you edit should be /etc/security/user and the syntax is:

minage = 2
maxage = 4

They should not be ignored.

Also, remember in the /etc/security/user file:
minage - Defines the minimum number of weeks between password
changes.
maxage - Defines the maximum number of weeks a password is valid.
maxexpired - Defines the maximum number of weeks after maxage that
an expired password can be changed by a user.  Default is -1 (unlimited).

Make sure that you are setting the parameters for exactly the behavior
you want.  If you want to lock users out after a certain amount of time,
make sure all the parameters do not conflict with each other and are
set correctly.



--flossy