| The password aging function must be HP proprietary. Certainly, we don't
have it on Digital UNIX with base security. Digital UNIX with Enhanced
security
does have a password aging function, but it is not compatible with HP. If HP
has modified the format of the password field in any way to implement password
aging, the standard Digital UNIX identification and authorization (I&A)
routines
will not recognize the password.
Your customer can look into writing their own I&A (SIA) routines for the
Digital
UNIX systems, but this is not a trivial task. Check out the Security manual
for information on SIA and siad_* routines. Even after doing this, I don't
think your customer could use yppasswd(1) on the Digital UNIX machines to
change the password. I did a quick check through the code and it appears that
yppasswd(1) doesn't use SIA.
[Posted by WWW Notes gateway]
|
|
This issue has risen several times, and about year ago I asked
our PM's if we could add a functionality, that would ignore
HP's extra password aging "bits". Implementing this would
be very straightforward as the HP's aging format is simple
enough.
Answer I received after exchanging few mails was "We'll look
at it and see if it could be done", but I have neither heard
or checked what was the final decicion on this. We have
at least three large HP customers asking us to implement it, so
it might be worth of revisiting this topic. I'll see if I find
the old mail converstation I had...
Of course opening a product requirement (as I once did for this)
would be better way to proceed...
-jari
PS: Yes, this is HP's NON-STANDARD way of implementing the
functionality!!! And HP dares to call our DIGITAL UNIX "non-
standard UNIX implementation" in the fron of our customers!!!!
|