DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 
Administering user accounts

Controlling account expiration

Two types of account expiration can be used to lock an account after a set interval has elapsed:


inactive accounts
that have gone unused for a long period.

temporary accounts
that can be used for a limited time.
Once such an account expires, its owner can no longer log on without intervention from an administrator.

Locking inactive accounts

To set a limit on inactivity when creating an account, use the command:

useradd -f n login_name

where n is the maximum number of days allowed between uses of a login. To change the inactivity limit on an existing account, substitute the usermod(1M) command for useradd(1M).

To set a default value used for all new accounts, set the INACT parameter in /etc/default/useradd file using the System Defaults Manager or the defadm(1M) command:

defadm useradd INACT=n

Creating a temporary account

To set an expiration date when creating an account, use the command:

useradd -e mm/dd/yy login_name

where mm, dd, and yy are digits representing the month day, and year (as in 12/31/99 for December 31, 1999). To add an expiration date, or extend an already established date, substitute the usermod(1M) command for useradd(1M).

To set a default expiration date used for all new accounts, set the EXPIRE parameter in /etc/default/useradd using the System Defaults Manager or the defadm(1M)

defadm useradd EXPIRE=mm/dd/yy

Next topic: Locking or unlocking a user account
Previous topic: Setting login restrictions on accounts

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004