How to check that a user/password is expired in AIX?

Is there any chage sort of command on AIX? check /etc/shadow file thats where the expiry information is stored.

Update: It seems there is a passwdexpired subroutine that can be loaded and Checks the user's password to determine if it has expired. However, it seems to be used as root.

http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.basetechref%2Fdoc%2Fbasetrf1%2Fpasswdexpired.htm

This link has excellent documentation of what you would require

http://www.torontoaix.com/scripting/when_pwd_exp

As demonstrated earlier in the above article, the expiry of a password is governed by the maxage attribute.

For example:
maxage=0 means never to expire
maxage=2 means will expire in two weeks.

AIX stores the time in the epoch format in seconds, so first you must determine how many seconds in a week, as this is how maxage measures the time between password expiry, that is in week numbers. There are 86400 seconds in a day, so multiplying that by seven comes in at 604800. So there are 604800 seconds in a week. The next command you need to look at is the pwdadm, which in turn queries the file /etc/security/passwd. This file holds the values in seconds when a user last changed their password. Interrogating the file or using the pwdadm command will return the same result. For this demonstration, let us query the user spoll:

# grep -p "spoll:" /etc/security/passwd
spoll:
        password = EvqNjMMwJzXnc
        lastupdate = 1274003127
        flags =       ADMCHG

# pwdadm -q spoll
spoll:
        lastupdate = 1274003127
        flags = ADMCHG

You can see the lastupdate value in seconds from the above output. In other words, the last time the password was changed: 1274003127

Next, using the lsuser or interrogating the file with /etc/security/user, you can determine the number of weeks before the user spoll password will expire:

# grep -p "spoll:" /etc/security/user
spoll:
        admin = false
        maxage = 4

# lsuser -a maxage spoll
spoll maxage=4

You can see from the above output that the number of weeks before password expiry is 4. The next task is then to multiply the number of seconds in a week by the number of weeks before the user spoll password is due to expire. In this case, it is 4: 604800 * 4

# expr 604800 \* 4
2419200

Next, you need to add the maxage value in seconds (604800 * 4) to the last time the password was changed: 2419200 + 1274003127

# expr 2419200 + 1274003127
1276422327

You can now convert that number of seconds from UNIX epoch into a more meaningful current time presentation. You can use different tools, but for this demonstration you'll use gawk with the strftime function:

# gawk 'BEGIN {print strftime("%c",'1276422327')}'
Sun Jun 13 10:45:27 BST 2010

The above calculation gives the time of the next password expiry. So, you now know that user spoll's password was last changed on ( from the pwdadm command):

# gawk 'BEGIN {print strftime("%c",'1274003127')}'
Sun May 16 10:45:27 BST 2010

And that it will expire on:

Sun Jun 13 10:45:27 BST 2010

------------------Perl script-let--------

#!/bin/perl
use POSIX qw(strftime);
$maxage=4; 
$last_update = 1274003127
$max_week_seconds = 86400 * $maxage;
print strftime("%C ", localtime($max_week_seconds));

---

Related videos on Youtube