Passwd - Brocade Communications Systems 8 Command Reference Manual

2

passwd

passwd
Changes the password for a specified user.
Synopsis passwd [user_account] [-old old_password] [-new new_password]
Description Use this command to change a user account password.
Passwords can be changed locally on any switch. For the password database to be distributed to
other switches in the fabric, the switches must be configured to accept the password database
with the fddCfg command. The password database is distributed manually with the distribute
command.
If RADIUS authentication is enabled, password change is blocked for users changing their own
password. Administrators with the privilege to change passwords for other accounts may do so
regardless of whether RADIUS authentication is enabled; all such password changes operate on
the local password database.
The passwd command cannot be run on the Standby CP. When an admin account or a
SecurityAdmin account changes the password for other accounts, it does not prompt for the current
password, unless the target account is a factory or root account.
Any chosen password must satisfy the following password strength rules:
•
•
•
•
•
•
•
The password history policy is enforced across all user accounts when the user is setting his own
password. The password history policy is not enforced when an administrator sets a password for
another user, but the user's password history is preserved and the password set by the
administrator is recorded in the user's password history.
The passwd command behaves as follows:
•
•
•
•
540
Password contains the minimum required number of lowercase characters.
Password contains the minimum required number of uppercase characters.
Password contains the minimum required number of numeric characters.
Password contains the minimum required number of punctuation characters.
Password must be between minlength and 40 characters long. The minlength parameter is set
with the passwdCfg command.
Password may not contain the colon (:) character.
Password must satisfy repeated and sequential character constraints.
If you are changing your own password, you are prompted to enter the old password and, if your
entry is valid, you are prompted to enter the new password. Alternately, you may specify the old
and new password on the command line.
If a you are changing another user's password with greater privileges than your current login
level, you are prompted to enter that user level's old password and, if your entry is valid, you
are prompted for a new password.
If you are changing another user's password, the target account's AD member list must be a
subset of your account's AD member list.
If you are logged in as the root user when changing another user's password, you are not
prompted to enter the old password. If you are a factory account, an admin, or SecurityAdmin
account, you are not prompted to enter the current password unless the target account is root.
Fabric OS Command Reference
53-1001764-02