https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776359#M390499 <P>[Will it affect applications?]<BR /><BR />The answer will be very similar to the situation with the Trusted System mode in your earlier thread:<BR /><BR /><A href="http://h30499.www3.hp.com/t5/System-Administration/Changing-Untrusted-system-to-Trusted-System/m-p/4775901#M390435" target="_blank">http://h30499.www3.hp.com/t5/System-Administration/Changing-Untrusted-system-to-Trusted-System/m-p/4775901#M390435</A></P> <P>&nbsp;</P> <P>If your application does not use HP-UX system passwords or any other authentication information, it will not be affected at all.<BR /><BR />If the application uses PAM libraries to perform authentication, it will most likely not be affected at all.<BR /><BR />But if the application expects to read password hashes from /etc/passwd (either by reading the file directly, or by using getpwent()/getpwuid()/getpwnam() system calls) and cannot support the /etc/shadow-specific fgetspent()/getspnam() system calls, the authentication functions of the application will fail.<BR /><BR />On one hand, the getsp...() system calls are standard in many other Unix-style OSs, so many multi-platform applications should be easy to convert to use them on HP-UX too. <BR /><BR />On the other hand, the shadow password system is much newer on HP-UX specifically than the old Trusted System mode, so if the application is old and it has not been updated for 11.23/11.31, it is somewhat more likely to have problems with shadow passwords than with the Trusted System mode.<BR /><BR />MK</P> Thu, 04 Aug 2011 16:14:37 GMT Matti_Kurkela 2011-08-04T16:14:37Z https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776357#M390497 Hi,<BR /><BR />Converting /etc/passwd to /etc/shadow using pwconv will affect applications.I have oracle users in my system.System is HP-UX 11.23.<BR /><BR />Regards,<BR />PVM. Tue, 12 Apr 2011 04:13:08 GMT https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776357#M390497 PVM_2 2011-04-12T04:13:08Z https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776358#M390498 Hello PVM,<BR /><BR />When you convert /etc/passwd file to /etc/shadow, all the user's password gets lock.You need to reset the password with password complexity.So if your application user created on OS level then you need to reset/unlock the user.<BR /><BR />Thanks<BR /><BR /> Tue, 12 Apr 2011 07:37:24 GMT https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776358#M390498 YMP 2011-04-12T07:37:24Z https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776359#M390499 <P>[Will it affect applications?]<BR /><BR />The answer will be very similar to the situation with the Trusted System mode in your earlier thread:<BR /><BR /><A href="http://h30499.www3.hp.com/t5/System-Administration/Changing-Untrusted-system-to-Trusted-System/m-p/4775901#M390435" target="_blank">http://h30499.www3.hp.com/t5/System-Administration/Changing-Untrusted-system-to-Trusted-System/m-p/4775901#M390435</A></P> <P>&nbsp;</P> <P>If your application does not use HP-UX system passwords or any other authentication information, it will not be affected at all.<BR /><BR />If the application uses PAM libraries to perform authentication, it will most likely not be affected at all.<BR /><BR />But if the application expects to read password hashes from /etc/passwd (either by reading the file directly, or by using getpwent()/getpwuid()/getpwnam() system calls) and cannot support the /etc/shadow-specific fgetspent()/getspnam() system calls, the authentication functions of the application will fail.<BR /><BR />On one hand, the getsp...() system calls are standard in many other Unix-style OSs, so many multi-platform applications should be easy to convert to use them on HP-UX too. <BR /><BR />On the other hand, the shadow password system is much newer on HP-UX specifically than the old Trusted System mode, so if the application is old and it has not been updated for 11.23/11.31, it is somewhat more likely to have problems with shadow passwords than with the Trusted System mode.<BR /><BR />MK</P> Thu, 04 Aug 2011 16:14:37 GMT https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776359#M390499 Matti_Kurkela 2011-08-04T16:14:37Z https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776360#M390500 &gt;When you convert /etc/passwd file to /etc/shadow, all the user's password gets lock.<BR />&gt;You need to reset the password with password complexity<BR /><BR />this is not true. with pwconv, all the password hashes in /etc/passwd will be replaced with an "x", and the existing hashed will be transferred to /etc/shadow. so this means that after a pwconv every user can log in with his/her old password. this is also true to backconverting with pwunconv, the passwords will be retained. Tue, 12 Apr 2011 12:52:48 GMT https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/4776360#M390500 Viktor Balogh 2011-04-12T12:52:48Z https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/5888433#M482526 <P>we have ia64 hp server rx8640 setup as nPar running 11.23 and we ran pwconv to convert the system to use the shadow&nbsp;passwords. System was not&nbsp;a trusted system. System has locked out all the users login including root. No user can login incl root. Now have to reset the super user password using Single user mode and reboot !!</P> Mon, 03 Dec 2012 11:48:05 GMT https://community.hpe.com/t5/operating-system-hp-ux/shadow-passwd/m-p/5888433#M482526 aht 2012-12-03T11:48:05Z