hi folk,
i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters.
# useradd testing
# passwd testing
New Password:
Re-enter new Password:
passwd: password successfully changed for testing
useradd <<<<<< error, it didnt ask for any special character, the username should has 1 numberic or special characters
passwd <<<< error, it didnt ask for any special character, the password should contains special characters
please helps ?
MINALPHA=4
MINDIFF=7
MINDIGIT=1
MINSPECIAL=1
MINUPPER=2
MINLOWER=2
MAXREPEATS=1
WHITESPACE=YES
NAMECHECK=YES
DICTIONDBDIR=/var/passwd
DICTIONLIST=/usr/share/lib/dict/words
HISTORY=12
MINWEEKS=NONE
MAXWEEKS=4
WARNWEEKS=NONE
PASSLENGTH=8
Password policies are enforced for regular users but not for root which is the account you are using here.
1 Like
Thanks, but only as root I can add user, not regular users. How do I test my policy ?
adm@testbank> useradd testing
UX: useradd: ERROR: Permission denied.
Create a user as root then test your policy under that user's account.
1 Like
thanks, but how do I enforce when the user or root add the new user, it should include 1 numberic char ?
because right now, when i add a newuser, it didnt ask for the numberic char should be included.
# useradd testing
I'm afraid you missed an important fact so let me rephrase it:
password policies aren't enforced when you are root.
1 Like
apologies for the trouble, but even-thought i'd created the user "testing", i still can't create a new user without root permission ?
testing@testbank> useradd testing2
UX: useradd: ERROR: Permission denied.
i mean, i need to test when create the new user, the username should include numberic char
You can't do that. The password policy is there to check users changing their own passwords, not to restrict the administrator's privileges.
However, achieving what you want is quite simple. As root, first set the password to a temporary one then substitute your account to the target user account and update its password.