≡ Menu

CentOS / RHEL: Set Accounts To Disable After Password Expiration

How do I automatically disable user accounts after 30 days after password expiration date under CentOS / Fedora / Red Hat / RHEL / Scientific Linux server operating systems?

Tutorial details
DifficultyEasy (rss)
Root privilegesYes
RequirementsRHEL and friends
Estimated completion timeN/A

You can use usermod or passwd command to disable existing user accounts. For new user accounts edit /etc/default/useradd file. The date on which the user account will be disabled is defined using the following syntax while adding user account:

useradd -e YYYY-MM-DD -option1 -option 2username

If -e not specified, useradd command will use the default expiry date specified by the EXPIRE variable in /etc/default/useradd, or an empty string (no expiry) by default. Edit /etc/default/useradd, enter:
# vi /etc/default/useradd
Set it as follows:

INACTIVE=30

Save and close the file. The number of days after a password expires until the account is permanently disabled is now set to 30. A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature. If INACTIVE=60 and if the password is about to expire, then 60 days remain until the account is automatically disabled.

How do I disable existing user account?

The syntax is:

 
passwd -l userNameHere
 

OR

 
usermod -L -e 1 userNameHere
 

OR

 
usermod -L -e 1970-01-01 userNameHere
 

The last syntax is recommended. See man page for more details:
man passwd
man useradd
man usermod

See also
Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 3 comments… add one }

  • Anonymous User January 14, 2014, 4:32 pm

    Now when we say “permanently disabled”, do we mean PERMANENT? Or can root re-enable the user?

    • SV February 8, 2014, 8:19 pm

      The only way to permanently disable an account is to remove it. The commands above disable the account for use. The root or superuser can always undo the above commands.

  • aref ghobadi August 17, 2015, 4:08 pm

    Hi
    thanks, very nice article

Leave a Comment