CentOS / RHEL: Set Accounts To Disable After Password Expiration

by on December 1, 2012 · 0 comments· last updated at December 1, 2012

How do I automatically disable user accounts after 30 days after password expiration date under CentOS / Fedora / Red Hat / RHEL / Scientific Linux server operating systems?

Tutorial details
DifficultyEasy (rss)
Root privilegesYes
RequirementsRHEL and friends

You can use usermod or passwd command to disable existing user accounts. For new user accounts edit /etc/default/useradd file. The date on which the user account will be disabled is defined using the following syntax while adding user account:

useradd -e YYYY-MM-DD -option1 -option 2username

If -e not specified, useradd command will use the default expiry date specified by the EXPIRE variable in /etc/default/useradd, or an empty string (no expiry) by default. Edit /etc/default/useradd, enter:
# vi /etc/default/useradd
Set it as follows:

INACTIVE=30

Save and close the file. The number of days after a password expires until the account is permanently disabled is now set to 30. A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature. If INACTIVE=60 and if the password is about to expire, then 60 days remain until the account is automatically disabled.

How do I disable existing user account?

The syntax is:

 
passwd -l userNameHere
 

OR

 
usermod -L -e 1 userNameHere
 

OR

 
usermod -L -e 1970-01-01 userNameHere
 

The last syntax is recommended. See man page for more details:
man passwd
man useradd
man usermod

See also


You should follow me on twitter here or grab rss feed to keep track of new changes.

Featured Articles:

{ 0 comments… add one now }

Leave a Comment

You can use these HTML tags and attributes for your code and commands: <strong> <em> <ol> <li> <u> <ul> <kbd> <blockquote> <pre> <a href="" title="">

Tagged as: , , , ,

Previous Faq:

Next Faq: