Hi,
I am not a unix admin by all means. Most of our work is done by the vendors. We have over 600 users that we have to change their password to default every 90 days. End user can not change this password, it can only by done through us. In order to reuse the old password, we have to change it 4 times b4 we can use the previous password. It is begenning to be a pain in the wazoo. Is there a script or something we can do for these users? out of that 600 some users, we have about 100 that can change their own password, and we don't want to touch this group of users. I am thinking something in the line of building this user list and when the time comes, we just run the script.

any recommendation will be helpful. Our vendor is looking into putting something together, but i really have no faith with these guys, it has been over a year since they made that promise.

please help.

cat /etc/passwd |awk -F: '{print $1}' > /tmp/users

for i in 'cat /tmp/users'
do
passwd $i
done

Hello I am working extensively on SCM and Unix

Sakka:

If you follow ravi.kumar's advice you are going to have to change the user's password "by hand" - probably not what you want to do. Unfortunately, passwd is strictly an interactive program.

Use can use the expect language to automate interactive programs such as passwd. Here's a mod of a program bundled with expect:

#!/usr/local/bin/expect --
# wrapper to make passwd(1) be non-interactive
# username is passed as 1st arg, passwd as 2nd
# Executable only by root

set password [lindex $argv 1]
spawn /usr/bin/passwd [lindex $argv 0]
expect "password:"
send "$password\r"
expect "password:"
send "$password\r"
expect eof

Get your list of users and a default password into a file and then call the above script.

If you don't have expect, you can obtain it by checking out the expect home page at:

http://expect.nist.gov/

Hey Ravi, what's up with using cat? It is totally unnecessary! Do a google search on UUOC. Your example qualifies.

#!/bin/ksh

for user in $(awk -F: '{print $1}' /etc/passwd)
do
print $user > /tmp/users.data
done

Sakka, this will produce your users list.
Next, edit the /tmp/users.data file and remove the users who can change their own passwords. Then, if you really want to do this efficiently, look into using "expect" so you don't have to type in 500 passwords twice manually. You could then open up the /tmp/users.data file, read in the user names, and set up "expect" to automatically change the password.

I have to agree that expect is the best way to do this. I wrote one for work for windows users to reset their unix password that applications use it for authentication.

I would like to thank you all for a prompt responds. I will have to look into this procedures and run some testing b4 recommending it to my boss.

again you guys are the greatest..

thanks.