- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: HP-UX 11.23 - Trusted Mode is not availble ......
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2011 04:07 AM
05-18-2011 04:07 AM
HP-UX 11.23 - Trusted Mode is not availble ....
We normally applied Trusted Mode on our HP-UX 11.23 but password policy does not work properly.
for example,
1. Password that is same as userid was created .
2. Directory "/tcb/files/auth/system/pwhist"
is not created.
please give us your tips...
thanks.
- Tags:
- trusted mode
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-28-2011 09:30 AM
06-28-2011 09:30 AM
Re: HP-UX 11.23 - Trusted Mode is not availble ....
Hey;
The trusted mode has been deprecated in favor of the shadow method. Personally, I think that was a mistake; as the trusted mode seemed to offer more options and be more secure than is the shadow file. For some reason, HP neglected to ask me before doing that, however.
You can still convert to trusted in HPUX 11.23 and 11.31 although 11.31 gives birght glaring warnings about not doing so. /usr/lbin/tsconvert is the command you'll need or you can use sam.
pwconv is the command to move the passwords into the /etc/shadow file.
Hope that helps.
Doug O'Leary
------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-01-2011 07:41 AM - edited 07-01-2011 07:42 AM
07-01-2011 07:41 AM - edited 07-01-2011 07:42 AM
Re: HP-UX 11.23 - Trusted Mode is not available ....
Trusted mode os fully supported on 11.23 and 11.31. After 11.31, that feature will (probably) not be available. But that does not affect your 11.23 system.
>> We normally applied Trusted Mode on our HP-UX 11.23 but password policy does not work properly.
>> for example,
>> 1. Password that is same as userid was created .
Converting to Trusted does not turn on password restrictions automatically. Go into SAM and under:
Auditing and Security -->> System Security Policies
select: [X] Use Restriction Rules
>> 2. Directory "/tcb/files/auth/system/pwhist" is not created.
The history directory is created in /tcb/auth/system is created when someone first changes a password.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-01-2011 10:09 AM
07-01-2011 10:09 AM
Re: HP-UX 11.23 - Trusted Mode is not available ....
Trusted mode does not use /etc/shadow.
Shadow passwords, a different depot uses /etc/shadow.
swlist -l product | grep -i shadow
Trusted mode is part of the base OS and is always there.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com