HP Sentry User Manual

SENTRY User’s Guide

Section 2 - 13

Fitzgerald & Long

8. Command - This field normally defines the startup UNIX shell the user invokes. The System Profile
provides a “default”. If you wish to use the default you need only press <RETURN>. Otherwise, enter the
path to the UNIX shell you wish this user to invoke at startup.

9. Groups - This field is multi-valued and lists the user’s supplementary groups. The GID for each
group is displayed along with the group name in parentheses. Some systems allow only 8 simultaneous
supplementary groups. Take care that you plan your group memberships carefully so that you do not need
to exceed this limit.

At this prompt you may enter a new group name, an existing group name, a “@” for a list of existing
groups and their GID’s, or a “@” followed by part of a group name to see a cross reference list by group
name.

Enter field number, “C”ustom, “F”ile, “DEL”ete or <ESC> to exit - This is the standard
modifications prompt for the User Maintenance program. You may access any field by entering the
number to the left of the field, such as “2” for the Department field prompt.

SUN

Custom User Data Maintenance

08/16/00

User : peggy

1: Minimum password change (days)

: 5

2: Maximum password change (days)

: 90

3: Password change warning (days)

: 5

4: Maximum inactive time (days)

: 21

5: Expiration date (MM/DD/YY)

: 12/31/00

Enter field number, "F"ile or "<ESC>" to exit :

Figure 15 - This is an example of the ”Custom User Data Maintenance” data entry screen.

To execute this program, enter “2.” User Maintenance from the Main Sentry menu, after recalling an
exiting user or entering a new user you may enter “C” at the bottom prompt. Entering “C” invokes this
program. The following paragraphs describe the five available options.

1. Minimum password change (days): Enter the number of days before a user is allowed to change
his existing password. For example, if UNIX has just expired a users password and the user enters a new
one, you can use this parameter to prevent the user from resetting his password to the old one for the
number of days you specify. The idea is that if the user is forced to keep the new password for several
days, he will not change it back to the older one. We recommend 5 days.

2. Maximum password change (days): Enter the number of days before a user is forced by UNIX
to change his password. Many companies use 90 days as a standard. This would allow a user to keep a