https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125792#M151978 Hi Roberto,<BR /><BR />I think that reasons of the problem are different.<BR />Just a few things that you can try/verify:<BR /><BR />1. pwconv command should be executed, from man pwcon:<BR /><BR />pwconv - update secure password facility<BR /><BR />It is enough to type from command line<BR /><BR /># pwconv<BR /><BR />2.<BR /># authck -pv <BR /><BR />from man of command:<BR /><BR />authck - check internal consistency of Authentication database<BR /><BR />If you found messages or problems by last two commands you should solve them.<BR /><BR />3. You should verify /etc/nsswitch.conf, if it contains<BR /><BR />passwd: compat<BR />group: compat<BR /><BR />They are in this way if your system uses NIS service; if it is not then just change the word 'compat' to 'files'.<BR /><BR />In all the three cases above after the action, you could re-try root password change.<BR /><BR />I hope this helps you.<BR /><BR />Best regards,<BR />Ettore Fri, 21 Nov 2003 10:14:30 GMT Fabio Ettore 2003-11-21T10:14:30Z https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125790#M151976 Hi,<BR /><BR />my system is in trusted mode.<BR />Changing root password by 'passwd root' command I get error<BR /> <BR />"Unexpected failure. Password file unchanged." <BR /><BR />I already tried to delete root password in /tcb/files/auth/r/root and re-tried passwd command but it didn't help.<BR />I tried to unconvert the system, change password of root and convert system in trusted again; I succeeded to change password but I cannot login with new password.<BR /><BR />Helps would be appreciated, thanks!<BR />Roberto Fri, 21 Nov 2003 06:48:28 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125790#M151976 Roberto Paris 2003-11-21T06:48:28Z https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125791#M151977 /usr/lbin/modprpw -l -k root<BR /><BR />That will unlock the root password, if the /etc/passwd file has not been corrupted.<BR /><BR />A console login might unlock the id.<BR /><BR />You may need to boot into single user mode to correct this.<BR /><BR />Last resort, edit the /tcb/files/auth/r/root file and null out the encrypted password.<BR /><BR />This may need to be done in single user mode, but if you have a root session open, you can still do it.<BR /><BR />SEP Fri, 21 Nov 2003 09:32:42 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125791#M151977 Steven E. Protter 2003-11-21T09:32:42Z https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125792#M151978 Hi Roberto,<BR /><BR />I think that reasons of the problem are different.<BR />Just a few things that you can try/verify:<BR /><BR />1. pwconv command should be executed, from man pwcon:<BR /><BR />pwconv - update secure password facility<BR /><BR />It is enough to type from command line<BR /><BR /># pwconv<BR /><BR />2.<BR /># authck -pv <BR /><BR />from man of command:<BR /><BR />authck - check internal consistency of Authentication database<BR /><BR />If you found messages or problems by last two commands you should solve them.<BR /><BR />3. You should verify /etc/nsswitch.conf, if it contains<BR /><BR />passwd: compat<BR />group: compat<BR /><BR />They are in this way if your system uses NIS service; if it is not then just change the word 'compat' to 'files'.<BR /><BR />In all the three cases above after the action, you could re-try root password change.<BR /><BR />I hope this helps you.<BR /><BR />Best regards,<BR />Ettore Fri, 21 Nov 2003 10:14:30 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125792#M151978 Fabio Ettore 2003-11-21T10:14:30Z https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125793#M151979 Roberto,<BR /><BR />If your password has more than 8 characters, try logging in with just the first 8 characters. Trusted systems get set to a max of 8 character passwords by default when implemented. You can adjust this limit via SAM in the auditing and security section once logged in.<BR /><BR />Hope this helps,<BR />Eric Fri, 21 Nov 2003 11:22:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125793#M151979 erics_1 2003-11-21T11:22:47Z https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125794#M151980 Let me clarify Eric's comment. When you first convert a system from standard mode to trusted mode, only the first 8 characters of the EXISTING password are used. That's because in standard mode the way the password is encoded in /etc/passwd has no room to hold anything longer. You may THINK you have a longer password in standard mode, but the excess characters are actually ignored by the system. So if you set your password to foobar37, you could login with a password of foobar37, foobar375, or foobar37abcdefg. Likewise, if you set your password to foobar37abcdefg, you could login with a password of just foobar37. This is standard UNIX behavior for the old style /etc/passwd file format.<BR /><BR />When you convert from standard to trusted, you get passwords of up to 80 chracters. But there is no way for the conversion process to recreate the characters that were previously thrown away, so only the first 8 characters are initially used. And since anything after the first 8 is now checked, not ignored, this causes some confusion until the first password change by that user after the conversion to trusted mode. <BR /><BR />Actual behavior varies slightly from release to release as code was added to try to make this difference less confusing to users. But the bottom line is that you can't create missing characters out of thin air.<BR /><BR />You do not need to edit anything with SAM to get trusted mode to accept the longer passwords.<BR /><BR /> Sat, 22 Nov 2003 21:23:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125794#M151980 doug hosking 2003-11-22T21:23:47Z https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125795#M151981 Hi at all and thanks for your helps!<BR />Fantastic forum...<BR />I solved my password problem...<BR /><BR />It was the string 'compat' on password and group into /etc/nsswitch.conf file. I changed it to 'files' and I could modify the root password.<BR />Now I can login with the new password.<BR /><BR />Roberto. Mon, 24 Nov 2003 03:42:03 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125795#M151981 Roberto Paris 2003-11-24T03:42:03Z https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125796#M151982 Ah, the missing information. Now it makes more sense. Trusted mode is not compatible with NIS.<BR /> Mon, 24 Nov 2003 05:24:56 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-password-in-trusted-system/m-p/3125796#M151982 doug hosking 2003-11-24T05:24:56Z