diff options
-rw-r--r-- | doc/admin.md | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/doc/admin.md b/doc/admin.md index 3229827..3c36ffa 100644 --- a/doc/admin.md +++ b/doc/admin.md @@ -68,22 +68,21 @@ FIXME: localmaildomainupdate should email diff file to postmaster@homebase.dk ## Extend password lifespan -When a user has changed password into something personal, the password lifespan is extended to 1 year: +If a user exceeds password lifespan, and still remembers the old password, the lifespan can be extended slightly to open a new window for changing it: - (user=<username>; chage -M360 -W30 $user) + localresetpasswdexpiry <username> - -TODO: The above command should ideally never ever be invoked manyally, but automatically through PAM +TODO: The above command should ideally emit an sms and/or email rewuesting the user to immediately change password ## Reset password 1. Reset the actual password using the following command: - (user=<username>; gpw 10 11 && finger $user && passwd $user && chage -M30 -W14 $user) + localresetpasswd <username> 2. Send a cellphone text message similar to the one for creating a new account. -TODO: Write a script to do the above + inject a self-chosen password + warn before resetting + spit out sms +TODO: The above command should ideally emit an sms and/or email rewuesting the user to immediately change password ## Warn about password expiry |