topic Re: Password Reset issue. in Operating System - HP-UX

Password Reset issue.

Mitchell Gaddy — Thu, 05 Jan 2006 12:40:12 GMT

I reset a password using sam. But when I try to login as the user to test it out I keep getting "password change by root" and sends me back to a login prompt. Is there a step that I'm missing? I check to see if the system was using ldap using nsquery passwd username and its going through the /etc/passwd.

Re: Password Reset issue.

A. Clay Stephenson — Thu, 05 Jan 2006 12:46:55 GMT

Execute /usr/lbin/getprpw user and note the values in the lockout field. If any of them are '1' rather than '0' then the account is locked. Next do a man getprpw and that will tell you how to interpret the positional values within the lockout field. Other things to look for are missing home directory or invalid tty device. (All of this assumes you are setup as a Trusted system.

Re: Password Reset issue.

Raj D. — Thu, 05 Jan 2006 12:58:23 GMT

Hi Gaddy ,

Check if the user is deactivated , go to SAM and reactivate and , login again.

Good luck,

hth,
Raj.

Re: Password Reset issue.

Mitchell Gaddy — Thu, 05 Jan 2006 13:19:01 GMT

I used the command and everything looks ok. I recreated the account and I'm able to su to the account and enter the password without any problems. When I try to telnet to the server this is where it doesn't recognize the password.

Re: Password Reset issue.

baiju_3 — Thu, 05 Jan 2006 13:20:25 GMT

try /usr/lbin/modprpw -k username .

You can force a user password to expire by

passwd -f username.

Next time when user logs in , he has to login with old passwd and immediately select a new passwd .

thx,
bl.

Re: Password Reset issue.

A. Clay Stephenson — Thu, 05 Jan 2006 13:34:43 GMT

Okay, this sounds like you are using some characters which have special meanings in the password. e.g '#' - the defgault erase character before it is reset by a stty command in .profile. Possibly '@' - EOL.

Another quirk I discovered when using Microsoft's FTP client was passwords beginning with "-". The first "-" was eaten so to use "-topsecret" as a password, you would actually have to enter "--topsecret" but that was FTP only not telnet. The fact that as an ordinary user you can su to this user and sucessfully login indicates that the password itself is valid. However, this is done after a .profile with more sane stty settings has already been run --- not the case with an initial login via telnet. You are probably the victim of a '#' in the password.