https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326346#M188380 Hi Randy,<BR /><BR />You can change the values for root either as RAC suggested, or via SAM. It's also worth looking at the output of /usr/lbin/getprpw root regularly to see attempted login times and ttys to give you a clue as to what's going on.<BR /><BR />Which logs do you suspect are filling up? If your system is configured such that / can fill up with logs then it's possible that this is the cause. However, in this instance I believe that root is only locked out because there's no way of writing logs when you attempt to login, rather than being locked out within the /tcb area.<BR /><BR />regards,<BR /><BR />Darren. Thu, 08 Jul 2004 08:25:07 GMT Darren Prior 2004-07-08T08:25:07Z https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326342#M188376 Is there a way to force trusted mode to NOT lockout the root account? <BR /><BR />We have not identified exactly why the root account is getting locked out but we think it is do to logs filling up.<BR /><BR /> Thu, 08 Jul 2004 07:19:24 GMT https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326342#M188376 Randy Gelineau 2004-07-08T07:19:24Z https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326343#M188377 On trusted system, three unsuccessfuly logins attempts will lock the account. This is controlled by umaxlntr.<BR /><BR />/usr/lbin/getprdef -m umaxlntr<BR />/usr/lbin/modprdef -m umaxlntr=5<BR /><BR />Now 5 unsuccessfult logins attempts will lock the account<BR /><BR />Anil Thu, 08 Jul 2004 07:27:08 GMT https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326343#M188377 RAC_1 2004-07-08T07:27:08Z https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326344#M188378 HI,<BR />Have a look at the doc attached.<BR />Hope that helps.<BR />Regards, Thu, 08 Jul 2004 07:46:54 GMT https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326344#M188378 Bharat Katkar 2004-07-08T07:46:54Z https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326345#M188379 root will not be able to get into the machine to run any commands if its account is locked. <BR /><BR />I would rather not boot into single user mode to unlock it. This is the situation we are trying to avoid. Thu, 08 Jul 2004 07:59:17 GMT https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326345#M188379 Randy Gelineau 2004-07-08T07:59:17Z https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326346#M188380 Hi Randy,<BR /><BR />You can change the values for root either as RAC suggested, or via SAM. It's also worth looking at the output of /usr/lbin/getprpw root regularly to see attempted login times and ttys to give you a clue as to what's going on.<BR /><BR />Which logs do you suspect are filling up? If your system is configured such that / can fill up with logs then it's possible that this is the cause. However, in this instance I believe that root is only locked out because there's no way of writing logs when you attempt to login, rather than being locked out within the /tcb area.<BR /><BR />regards,<BR /><BR />Darren. Thu, 08 Jul 2004 08:25:07 GMT https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326346#M188380 Darren Prior 2004-07-08T08:25:07Z https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326347#M188381 You can log in through console.<BR /><BR />Anil Thu, 08 Jul 2004 08:33:53 GMT https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326347#M188381 RAC_1 2004-07-08T08:33:53Z https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326348#M188382 Hi,<BR /><BR />If the root account is locked, it will allow you to login from the console and you can enable the account by running "modprpw -k root".<BR /><BR />If you do not want your root account locked, then turn off (make it 99) maximum number of unsuccessful attempts as previously mentioned. If you are planning to do so, then make sure you have /etc/securetty file so that no one will be able to login from other than console. Have a mechanism to notify you after certain number (say 10) of successive unsuccesful attempts so you can keep an eye on malicious attempts.<BR /><BR />To find out why root account is getting locked, look at your 'lastb' and the 'unsuccessful su - root' entries in /var/adm/sulog. <BR /><BR />-Sri Thu, 08 Jul 2004 08:38:52 GMT https://community.hpe.com/t5/operating-system-hp-ux/trusted-mode-root-lockout/m-p/3326348#M188382 Sridhar Bhaskarla 2004-07-08T08:38:52Z