HPE Community
Operating System - HP-UX
1752683 Members
5216 Online
108789 Solutions
New Discussion юеВ

root account lockout in a secured environment

 
SOLVED
Go to solution
Pando
Regular Advisor

тАО04-28-2005 07:10 PM

тАО04-28-2005 07:10 PM

root account lockout in a secured environment

dear gurus,

I have already applied the needed security to my hpux ia64 server. unfortunately, the root account was locked! From single user mode, how can i unlocked it.

Maximum points for all correct replies!
0 Kudos
7 REPLIES 7
Naveej.K.A
Honored Contributor

тАО04-28-2005 07:14 PM

тАО04-28-2005 07:14 PM

Solution

Re: root account lockout in a secured environment

Hi,

Boot into single user mode,

# mount -a
# usr/lbin/tsconvert -r
this untrusts the system

do # passwd root

Changes the password

# /usr/lbin/tsconvert -rto put the system trusted

Regards,
Naveej
practice makes a man perfect!!!
0 Kudos
T G Manikandan
Honored Contributor

тАО04-28-2005 07:14 PM

тАО04-28-2005 07:14 PM

Re: root account lockout in a secured environment

If you have the system in trusted mode,

you can still login into the console and then enable root using

#modprpw -k root


0 Kudos
Ian Vaughan
Honored Contributor

тАО04-28-2005 07:15 PM

тАО04-28-2005 07:15 PM

Re: root account lockout in a secured environment

Howdy,
Even a trusted system witha "locked" root account will let you in on the console. Use the management console and then "CO" to get UX console.
HTH
Ian
Hope that helps - please click "Thumbs up" for Kudos if it does
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me
0 Kudos
Joseph Loo
Honored Contributor

тАО04-28-2005 07:24 PM

тАО04-28-2005 07:24 PM

Re: root account lockout in a secured environment

hi,

# /usr/lbin/modprpw -k root
unlocks the account.

but if u have forgotten your password and need to re-boot to single user mode to change it:

. Boot in attended mode:
Press Escape while the machine is
searching for a system to boot.

. Boot up with an extra argument of "isl":
Select from the menu: bo pri isl

. When ISL appears, boot in init state `s':
ISL> hpux -is

once u r in single-user mode:

# /sbin/passwd
enter new and confirm password

regards.
what you do not see does not mean you should not believe
0 Kudos
Ravi_8
Honored Contributor

тАО04-28-2005 07:28 PM

тАО04-28-2005 07:28 PM

Re: root account lockout in a secured environment

Hi

even if the system is trusted, console should allow root login.

activate the root as TG said
or sam-->user admin-->users select the root using action unlock the user
never give up
0 Kudos
renarios
Trusted Contributor

тАО04-28-2005 07:34 PM

тАО04-28-2005 07:34 PM

Re: root account lockout in a secured environment

Hi Fernando,

Do you have another server that you can rlogin (w/o PW) from?

If you have another trusted system, you might also try to ftp the /tcb/files/auth/r/root entry from that system to this one - then use that system's root PW.

But I think there's a good likelihood that you'll be having to get to single-user
mode to properly resolve this

Cheers,

Renarios
Nothing is more successfull as failure
0 Kudos
Pando
Regular Advisor

тАО04-28-2005 07:51 PM

тАО04-28-2005 07:51 PM

Re: root account lockout in a secured environment

thanks for all the quick answers!
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.