Some /etc/shadow Magic: find locked accounts, no password accounts and expired accounts

Posted on August 11, 2012 by Geekster 1 Comment ↓

In this short article I will show you how to match the accounts with no password, the locked and the expired accounts.

If you see this in the second field (password field) of /etc/shadow, it means:

  • !  – the account has no password
  • * – the account is locked, the user cannot log in
  • !! – the password has expired

Find the users with no passwd:
# cat shadow | cut -d: -f 1,2 | grep '!'

Find the locked accounts:
# cat shadow | cut -d: -f 1,2 | grep '*'

Find the accouns with an expired password:
# cat shadow | cut -d: -f 1,2 | grep '!!'

Related Posts

Tagged with: , , , ,
Posted in The Linux and Unix Articles!
One comment on “Some /etc/shadow Magic: find locked accounts, no password accounts and expired accounts
  1. santiago says:
    September 6, 2012 at 8:20 am

    What exactly does it mean when you have accounts with expired passwords, with !! in the fields? I haven’t found an answer yet. Should new passwords be created, or something else?

    Also been looking for users rtkit and tss, found some things but not much so far. A bug with tss and it has something to do with the screensaver. Well, so little stuff so far, not sure what to search on.

    BTW user tss is expired in current shadow, user tss doesn’t exist in shadow-, and is under my username.

    Thanks.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Article Series
Subscribe

  

Subscribe to get the latest Linux news and how to guides directly on your e-mail!