- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: LDAP-UX asking for system password
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2007 06:03 AM
тАО04-05-2007 06:03 AM
when i try to telnet as that user i get asked for system password
example
telnet
login:
Password:
System Password:
i tried entering the user password again, and i get the login prompt again
any ideas on why this is happening
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2007 06:55 AM
тАО04-05-2007 06:55 AM
Re: LDAP-UX asking for system password
I would assume that some part of the configuration process was not completed.
Some suggestions:
1) was /etc/nsswtich.conf changed?
2) Did the machine use "net join" to join the domain (this requires an admin password on the windows PDC).
Any number of things could have gone wrong.
I'd check the logfiles like /var/adm/syslog/syslog.log and the event viewer on the windows system for clues as to what went wrong. Then you can post some meaningful data and get some real help.
I believe one of those scripts you ran has an error log that should also be checked.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2007 07:10 AM
тАО04-05-2007 07:10 AM
Re: LDAP-UX asking for system password
i looked at syslog.log but no important data is in it,
the nsswitch.conf is as follow
passwd: files ldap
group: files ldap
hosts: dns [NOTFOUND=return] files ldap
networks: files ldap
protocols: files ldap
rpc: files ldap
publickey: files
netgroup: files ldap
automount: files
aliases: files
services: files ldap
i can query the AD with the proxy user we setup,
it's a single domain AD, right now this is the test server,
# more krb5.conf
ENTERPRISE.CORP = {
[libdefaults]
default_realm = ENTERPRISE.CORP
default_tgs_enctypes = DES-CBC-CRC
default_tkt_enctypes = DES-CBC-CRC
ccache_type = 2
[realms]
ENTERPRISE.CORP = {
kdc = SRVC.ENTERPRISE.CORP:88
kpasswd_server = SRVC.ENTERPRISE.CORP:761
}
[domain_realm]
.enterprise.corp = ENTERPRISE.CORP
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
i went to /var/log but no logs are available
pam.conf looks at krb5 then local
login auth sufficient /usr/lib/security/libpam_krb5.1
login auth required /usr/lib/security/libpam_unix.1 try_first_pass
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2007 08:14 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2007 08:16 AM
тАО04-05-2007 08:16 AM
Re: LDAP-UX asking for system password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2007 08:25 AM
тАО04-05-2007 08:25 AM
Re: LDAP-UX asking for system password
just this
#
# This file defines PAM configuration for a user. The configuration
# here overrides pam.conf.
#
# The format for each entry is:
# user_name module_type module_path options
#
# For example:
#
# user_a auth /usr/lib/security/libpam_unix.1 debug
# user_a auth /usr/lib/security/libpam_dce.1 try_first_pass
# user_a password /usr/lib/security/libpam_unix.1 debug
#
# user_b auth /usr/lib/security/libpam_unix.1 debug use_psd
# user_b password /usr/lib/security/libpam_unix.1 debug use_psd
#
# See the pam_user.conf(4) manual page for more information
#
#
and pam.conf is
#
# Authentication management
#
login auth sufficient /usr/lib/security/libpam_krb5.1
login auth required /usr/lib/security/libpam_unix.1 try_first_pass
su auth sufficient /usr/lib/security/libpam_krb5.1
su auth required /usr/lib/security/libpam_unix.1 try_first_pass
dtlogin auth sufficient /usr/lib/security/libpam_krb5.1
dtlogin auth required /usr/lib/security/libpam_unix.1 try_first_pass
dtaction auth sufficient /usr/lib/security/libpam_krb5.1
dtaction auth required /usr/lib/security/libpam_unix.1 try_first_pass
ftp auth sufficient /usr/lib/security/libpam_krb5.1
ftp auth required /usr/lib/security/libpam_unix.1 try_first_pass
OTHER auth required /usr/lib/security/libpam_unix.1
#
# Account management
#
login account sufficient /usr/lib/security/libpam_krb5.1
login account required /usr/lib/security/libpam_unix.1
su account sufficient /usr/lib/security/libpam_krb5.1
su account required /usr/lib/security/libpam_unix.1
dtlogin account sufficient /usr/lib/security/libpam_krb5.1
dtlogin account required /usr/lib/security/libpam_unix.1
dtaction account sufficient /usr/lib/security/libpam_krb5.1
dtaction account required /usr/lib/security/libpam_unix.1
ftp account sufficient /usr/lib/security/libpam_krb5.1
ftp account required /usr/lib/security/libpam_unix.1
OTHER account required /usr/lib/security/libpam_unix.1
#
# Session management
#
login session sufficient /usr/lib/security/libpam_krb5.1
login session required /usr/lib/security/libpam_unix.1
dtlogin session sufficient /usr/lib/security/libpam_krb5.1
dtlogin session required /usr/lib/security/libpam_unix.1
dtaction session sufficient /usr/lib/security/libpam_krb5.1
dtaction session required /usr/lib/security/libpam_unix.1
OTHER session required /usr/lib/security/libpam_unix.1
#
# Password management
#
login password sufficient /usr/lib/security/libpam_krb5.1
login password required /usr/lib/security/libpam_unix.1
passwd password sufficient /usr/lib/security/libpam_krb5.1
passwd password required /usr/lib/security/libpam_unix.1
dtlogin password sufficient /usr/lib/security/libpam_krb5.1
dtlogin password required /usr/lib/security/libpam_unix.1
dtaction password sufficient /usr/lib/security/libpam_krb5.1
dtaction password required /usr/lib/security/libpam_unix.1
OTHER password required /usr/lib/security/libpam_unix.1
#
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2007 08:27 AM
тАО04-05-2007 08:27 AM
Re: LDAP-UX asking for system password
# pamkrbval -v
Validating the pam configuration files
---------- --- --- ------------- -----
Validating the /etc/pam.conf file
[LOG] : The /etc/pam.conf files permissions are fine
[LOG] : Opened : /etc/pam.conf
[PASS] : The validation of config file: /etc/pam.conf passed
[NOTICE] : The validation of config file: /etc/pam_user.conf is not done
as libpam_updbe library is not configured
Validating the kerberos config file
---------- --- -------- ------ -----
[PASS] : Initialization of kerberos passed
Connecting to default Realm
---------- -- ------- -----
[LOG] : The default realm is : ENTERPRISE.CORP
[LOG] : KDC hosts for realm ENTERPRISE.CORP :SRVC.ENTERPRISE.CORP
[LOG] : Trying to contact KDC for realm ENTERPRISE.CORP...
[LOG] : Realm ENTERPRISE.CORP is answering ticket requests
[PASS] : Default Realm is issuing tickets
Validating the keytab entry for the host service principal
---------- --- ------ ----- --- --- ---- ------- ---------
[LOG] : Host HPUXLAB, aka HPUXLAB.
[LOG] : The default keytab name is : /etc/krb5.keytab
[LOG] : Keytab file /etc/krb5.keytab is present
[LOG] : Permissions on /etc/krb5.keytab are correct.
Keytab entry
Principal: host
Host : hpuxlab
Realm : ENTERPRISE.CORP
Version : 3
[LOG] : Pinging KDC to verify whether host/hpuxlab@ENTERPRISE.CORP exists
[LOG] : The keytab entry for the host service principal host/hpuxlab@ENTERPRISE.
CORP is valid
[PASS] : The keytab validation is successful
Validating the rc_host file for ownership
-------- ------ ---- -------- ------ -----
[PASS] : rc_host file /usr/tmp/rc_host_0 is owned by root, validation successful
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-10-2007 12:26 AM
тАО04-10-2007 12:26 AM
Re: LDAP-UX asking for system password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-10-2007 06:22 AM
тАО04-10-2007 06:22 AM