I am sorry, I thought you wanted a "$0.00" answer. If the users have access to the colon prompt then why not trust them.
Trusting users with changing passwords is not always a good thing but you could always audit the users by requesting the change and then reviewing the changes they make after the fact.
Password works if for anyother reason it is FREE. No consulting needed and it does force you to use a different password when making the change:-)
Example
password
ENTER OLD USER PASSWORD:
ENTER NEW USER PASSWORD:
ENTER NEW USER PASSWORD AGAIN:
PASSWORD WAS CHANGED SUCCESSFULLY.
:password
ENTER OLD USER PASSWORD:
ENTER NEW USER PASSWORD:
New PASSWORD must be different from old password. (CIERR 2528)
PASSWORD WAS NOT CHANGED.
:
It may not enforce the rules but you can give the users a try. It may $ave you $oney
-------------- Original message from Bill Lancaster <[log in to unmask]>: --------------
> Robert,
>
> You won't be able to accomplish this using MPE's password scheme.
> You'll either need to find the money for Security/3000 or
> write/creatively acquire a passwording system that sits on top of MPE
> and can apply all the rules you want. The absolute best option is to
> get Security/3000 but short of that maybe some on this list will have
> something they can contribute to you.
>
> Bill
>
> -----Original Message-----
> From: HP-3000 Systems Discussion [mailto:[log in to unmask]] On
> Behalf Of Robert Mills
> Sent: Tuesday, January 31, 2006 9:41 AM
> To: [log in to unmask]
> Subject: Re: [HP3000-L] User passwords.
>
> When I first read the requirements I immediately thought of giving users
> access to the PASSWORD command.
>
> But then I read it again the way Alfredo says you should (like a
> love-letter).
> The result was the following paragraph in my original posting:
>
> > What management now want is for a user to be forced to change their
> > password on a regular basis. Also, certain rules must be applied to
> > the new password.
>
> Rules include password must not be same a last n passwords and certain
> words are not allowed.
>
> regards,
>
> Robert W.Mills
> MIS Systems Development Manager
> Windsong Services
> +44 (0)20 8309 3604
>
>
> -----Original Message-----
> From: HP-3000 Systems Discussion [mailto:[log in to unmask]] On
> Behalf Of J Dolliver
> Sent: 31 January 2006 16:53
> To: [log in to unmask]
> Subject: Re: [HP3000-L] User passwords.
>
> Try using the password command if users have access to the colon prompt:
>
> help password
> PASSWORD
> Creates or changes a user password.
> Syntax
> PASSWORD
>
> KEYWORDS: PARAMETER,OPERATION,EXAMPLE
> :help password example
> EXAMPLE(S)
>
> PASSWORD
> ENTER OLD USER PASSWORD:
> ENTER NEW USER PASSWORD:
> ENTER NEW USER PASSWORD AGAIN:
> PASSWORD WAS CHANGED SUCCESSFULLY.
>
>
> -------------- Original message from "Skeet, Nigel"
> : --------------
>
>
> > Hi Robert,
> >
> > >> Also, certain rules must be applied to the new password
> >
> > Remember MPE user passwords aren't case sensitive and don't allow
> > special chars so you're restricted to alpha-numeric.
> >
> > As for the user changing them for this to happen they'll need access
> > to MPE to use the ALTUSER command and I'm sure you don't allow normal
> > users to gain access to the MPE level... What sort of application
> > front end do you have ? Maybe you could include an option within that
> > to allow the user to change their passwords.
> >
> > Nige...
> >
> > -----Original Message-----
> > From: HP-3000 Systems Discussion [mailto:[log in to unmask]] On
> > Behalf Of Robert Mills
> > Sent: 31 January 2006 17:39
> > To: [log in to unmask]
> > Subject: [HP3000-L] User passwords.
> >
> > Greetings to the -L,
> >
> > Currently we do not allow users to change their own passwords. When
> > they are added to the system they are given a password to use by their
>
> > account manager. If they need a new password then they have to contact
>
> > their account manager who changes it and then tells them what it is.
> > Some have not been changed for years.
> >
> > What management now want is for a user to be forced to change their
> > password on a regular basis. Also, certain rules must be applied to
> > the new password.
> >
> > We don't have Vesoft's Security, although we do have MPEX, and I am
> > unable to get the funds to buy it. I therefore have two options. 1)
> > Write something myself, 2) See if there is anything in the CSL that
> > will do the job OR can be modified to supply the required solution.
> >
> > Question: Is anybody using a contribution from the CSL that they can
> > recommend for this?
> >
> >
> > regards,
> >
> > Robert W.Mills
> > MIS Systems Development Manager
> > Windsong Services
> > +44 (0)20 8309 3604
> >
> > * To join/leave the list, search archives, change list settings, *
> > * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
> >
> > * To join/leave the list, search archives, change list settings, *
> > * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|
