https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904138#M404684 Hey;<BR /><BR />for user in sys adm daemon lp<BR />do<BR />echo ${user}<BR />passwd -l ${user}<BR />modprpw -e ${user}<BR />done<BR /><BR />HTH;<BR /><BR />Doug Thu, 26 May 2005 14:27:36 GMT Doug O'Leary 2005-05-26T14:27:36Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904137#M404683 I got a bit overzealous trying to clean up user accounts on our HPUX 11i systems. I turned on global password aging expiration using SAM. after doing so, I went back to reactivate some accounts for some users.....even some of the system accounts. <BR /><BR />Now I am trying to disable those accounts that are supposed to be disabled, such as sys, adm, daemon, lp...etc. I have a system which I haven't done this to, and I would like to copy their /tcb/files/auth/[daemon] file over to restore the default. is this a wise move? or is there a better way to restore. <BR /><BR />the default i believe is supposed to have no password, an * indicating that the account is disabled.<BR /><BR />Thank you in advance.<BR />Yurika Thu, 26 May 2005 13:44:34 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904137#M404683 yurika 2005-05-26T13:44:34Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904138#M404684 Hey;<BR /><BR />for user in sys adm daemon lp<BR />do<BR />echo ${user}<BR />passwd -l ${user}<BR />modprpw -e ${user}<BR />done<BR /><BR />HTH;<BR /><BR />Doug Thu, 26 May 2005 14:27:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904138#M404684 Doug O'Leary 2005-05-26T14:27:36Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904139#M404685 modprpw is not found when I try to excute it.<BR />my system IS in trusted mode, what else could be preventing me from finding the command?<BR /><BR />Thank you, Thu, 26 May 2005 14:37:58 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904139#M404685 yurika 2005-05-26T14:37:58Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904140#M404686 If you have trusted system, all passwds are * in the /etc/passwd file.<BR /><BR />This does not indicate that the account is disabled. Thu, 26 May 2005 14:39:59 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904140#M404686 Rick Garland 2005-05-26T14:39:59Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904141#M404687 /usr/lbin/modprpw Thu, 26 May 2005 14:42:28 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904141#M404687 erics_1 2005-05-26T14:42:28Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904142#M404688 yudi ... check out this document . It has some good tips for troubleshooting this type of issue: KBRC00010639<BR /> Thu, 26 May 2005 14:47:43 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904142#M404688 Kent Ostby 2005-05-26T14:47:43Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904143#M404689 For those system accounts (daemon, bin, adm...) you could also move aside the users protected passwd file and running pwconv will recreate it. the prpw entry will now be set to an "*", pretty much where they were before you made the global change.<BR /><BR />ex:<BR />mv /tcb/auth/files/d/daemon /tmp<BR />pwconv<BR /><BR /><BR />hope this helps,<BR />-denver Thu, 26 May 2005 14:52:26 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904143#M404689 Denver Osborn 2005-05-26T14:52:26Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904144#M404690 Thank you all for all your help!<BR />the update secure password facility, pwconv seems to do the trick!<BR />Yurika Thu, 26 May 2005 15:00:04 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904144#M404690 yurika 2005-05-26T15:00:04Z https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904145#M404691 thank you! Thu, 26 May 2005 15:01:21 GMT https://community.hpe.com/t5/operating-system-hp-ux/reactivation-of-disabled-accounts/m-p/4904145#M404691 yurika 2005-05-26T15:01:21Z