Valid on UNIX
The sepass utility sets a new password or replaces an existing password in the local host, in a Policy Model, or in the NIS or NIS+ server, as applicable.
The sepass utility changes the user password. Additionally, privileged users can use sepass to change the passwords of other users. When changing your own password, sepass prompts you for your old password.
Note: If seosd is not running, sepass runs a default password program. The DefaultPasswdCmd token in the passwd section of the seos.ini file specifies the default password program. Passwords are stored and transferred over the network in an encrypted format.
This command has the following format:
sepass [‑d] [‑l] [‑p] [‑s policy_model@hostname] \
[-g number] [‑x] [userName]
Displays all the information it has regarding the password update, such as on which stations the update succeeded and if you did not activate setoptions class+(PASSWORD), that the password's quality was not checked. This switch is useful when debugging.
Defines the number of grace logins for userName.
Displays the help for this utility.
Replaces the password only on the local station; that is, in the local password file (usually /etc/passwd), security files, and the local database.
In the NIS/NIS+ environments, users are not usually defined in the /etc/passwd file of the client; therefore, the password on the client station is not updated.
In NIS/NIS+ server stations, the password is updated locally and propagated by NIS/NIS+.
This switch and the ‑p and ‑s switches are mutually exclusive.
Changes the password only on the remote station and on the PMDB at the host specified in the switch. This switch and the ‑l and ‑s switches are mutually exclusive.
Replaces the password on the local station and on the PMDB at the host specified in the switch. This switch and the ‑l and ‑p switches are mutually exclusive.
Replaces the password as if changed by the user username. This switch updates the time and date of the last change in the database. Grace logins are terminated.
Note: To let you change the root password as if changed by root, you have to set the RootPwAsOwn appropriately. For more information about seos.ini tokens, see the Reference Guide.
(Optional) Specifies the name of the user whose password sepass changes. If you omit this option, your own password is set.
Examples
The following examples illustrate how you can use sepass in a variety of situations:
sepass ‑l
Note: If no PMDB is defined at the site, you can omit the ‑l switch. If a PMDB is in use at the site, omitting the ‑l switch changes your password on all subscriber databases of the PMDB. In an NIS/NIS+ client, this switch does not change the password; in an NIS/NIS+ server, the password is changed and then propagated.
sepass ‑l username
username must exist in the /etc/passwd file, the appropriate UNIX security files, and the database.
In an NIS/NIS+ client, sepass does not change the password. In an NIS/NIS+ server, the password is changed and then propagated.
Note: For more information about creating PMDBs, see the Endpoint Administration Guide for UNIX.
passwd_pmd = PMD1@morocco parent_pmd = PMD1@casablanca
sepass username
When sepass completes execution, the user's password is changed on all the subscriber databases.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|