Linux - How to unlock and reset user’s account

Linux - How to unlock and reset user's account

 
Sometimes a user cannot remote login to a linux machine might not due to just password expired issue. His/her account might have some other settings that prevent them from logging in. Below is a quick check procedure and how to resolve the issue if it is due to account setting issue.


To check status of the password for a given account.
==========================================================
[root@server ~]# passwd -S james
james PS 2014-02-21 0 99999 7 -1 (Password set, MD5 crypt.)
      |       |        |   |   |  |
      |       |        |   |   |  |
      |       |        |   |   |  |
      |       |        |   |   |  |__ Inactivity period for password
      |       |        |   |   |__ Password expiry warning period
      |       |        |   |__ Password expiry after max age
      |       |        |__ Password can be change after min age
      |       |___ Date of last password change
      |____if value is LK means the account is locked

==========================================================


You can also use chage command as below.
==========================================================
[root@server ~]# chage -l james
Last password change                                    : Feb 21, 2014
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

==========================================================


To change any of the parameters listed above you can use chage command.
==========================================================
[root@server ~]# chage -<option> <value> <userid>
==========================================================


Options available for chage.
==========================================================
OPTIONS
       The options which apply to the chage command are:

       -d, --lastday LAST_DAY
          Set the number of days since January 1st, 1970 when the password was last changed. 

          The date may also be expressed in the format YYYY-MM-DD
          (or the format more commonly used in your area).

       -E, --expiredate EXPIRE_DATE
          Set the date or number of days since January 1, 1970 on which the userâs account will 

          no longer be accessible. The date may also be expressed in the format YYYY-MM-DD 
          (or the format more commonly used in your area). 
          A user whose account is locked must contact the system administrator before being 
          able to use the system again.

          Passing the number -1 as the EXPIRE_DATE will remove an account expiration date.

       -h, --help
          Display help message and exit.

       -I, --inactive INACTIVE
          Set the number of days of inactivity after a password has expired before the account 

          is locked. The INACTIVE option is the number of days of inactivity. 
          A user whose account is locked must contact the system administrator before being 
          able to use the system again.

          Passing the number -1 as the INACTIVE will remove an accountâs inactivity.

       -l, --list
          Show account aging information.

       -m, --mindays MIN_DAYS
          Set the minimum number of days between password changes to MIN_DAYS. 

          A value of zero for this field indicates that the user may change his/her password at 
          any time.

       -M, --maxdays MAX_DAYS
          required to change his/her password before being able to use his/her account. 

          This occurrence can be planned for in advance by use of the -W option, which 
          provides the user with advance warning.

          Passing the number -1 as MAX_DAYS will remove checking a passwordâs validity.

       -W, --warndays WARN_DAYS
          Set the number of days of warning before a password change is required. 

          The WARN_DAYS option is the number of days prior to the password expiring that a 
          user will be warned his/her password is about to expire.
==========================================================


To unlock user account.
==========================================================
[root@server ~]# passwd -u <userid>
==========================================================


To reset user password.
==========================================================
[root@server ~]# passwd <userid>
==========================================================
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
watchdog How to restart a process out of crontab on a Linux/Unix
Viewed 6122 times since Tue, Jul 31, 2018
debian Debian/Ubuntu Linux: Find If Installed APT Package Includes a Fix/Patch Via CVE Number
Viewed 9564 times since Sun, Sep 23, 2018
Red Hat ADDING SWAP SPACE
Viewed 2153 times since Fri, Jun 8, 2018
Cron YUM How to use yum-cron to automatically update RHEL/CentOS Linux
Viewed 2582 times since Fri, Oct 26, 2018
LVM: Extend an existing Volume Group by adding a new disk
Viewed 2159 times since Sat, Jun 2, 2018
RHEL: Services basic management - systemd
Viewed 18856 times since Sat, Jun 2, 2018
SYS: Configure a local repository. local repo
Viewed 11092 times since Mon, Oct 29, 2018
LOGROTATE – ARCHIWIAZACJA LOGÓW
Viewed 2104 times since Fri, Nov 30, 2018
Migrate a Linux System from Red Hat Enterprise to CentOS
Viewed 10432 times since Fri, May 15, 2020
Top 4 Reasons for Node Reboot or Node Eviction in Real Application Cluster (RAC) Environment
Viewed 99987 times since Thu, Jun 21, 2018