Specifications
Chapter 8 Managing User and Group Accounts 135
To change a user’s password:
$ pwpolicy -n /LDAPv3/
ipaddress
-a
adminusername
-u
usertochange
-setpassword
newpassword
To view the global password policy:
$ pwpolicy -getglobalpolicy
To set the minimum password length to 5 characters:
$ pwpolicy -n /LDAPv3/
ipaddress
-a
adminusername
-setglobalpolicy
“minChars=
5
”
To set a more secure global password policy:
$ pwpolicy -n /LDAPv3/
ipaddress
-a
adminusername
-setglobalpolicy
"minChars=
6
usingHistory=
4
requiresNumeric=
1
maxMinutesUntilChangePassword=
43200
"
This sets the global password policy for users and requires the following:
 The password must have a minimum of six characters.
 The users cannot reuse a password from the previous four passwords.
 The password must contain at least one number.
 The password must be changed every 30 days.
Parameter Description
ipaddress
Location of the LDAP directory
adminusername
User name of an administrator
usertochange
Name of the user whose password is changing
newpassword
Password the user is changing to
Parameter Description
ipaddress
Location of the LDAP directory
adminusername
User name of an administrator
minChars
Minimum number of characters in the password
Parameter Description
ipaddress
Location of the LDAP directory
adminusername
User name of an administrator
minChars
Minimum number of characters in the password
usingHistory
Number of previous passwords the user cannot reuse
requiresNumeric
Number of numeric characters that must be in the password
maxMinutesUntilChangePas
sword
Number of minutes until a password must be changed