- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Converting untrusted system to trusted
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 06:18 AM
01-23-2006 06:18 AM
I've got and HP-UX 11.00 system, it's Un-Trusted, and I would like to convert it into a Trusted system... I know that I use sam to do it, but I would like to know if I need a specific patch to do it?? And if I do it will it impact my system access for the user, I mean lock the account or anything like that??
Thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 06:27 AM
01-23-2006 06:27 AM
SolutionJonathan,
If you have system patched to the latest patch bundle you should be good to go.
A couple of potential issues: The conversion only carries over the first eight charactors of the password - so some users may have login issues.
Also, keep a root window open when you do the conversion. Test roots login after the conversion, and if it needs to have it's password reset, you have a root window open to reset the password.
to unlock a users account after conversion
/usr/lbin/modprpw -k userID
to view a users account after conversion
/usr/lbin/getprpw userID
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 06:34 AM
01-23-2006 06:34 AM
Re: Converting untrusted system to trusted
http://docs.hp.com/en/B2355-90950/B2355-90950.pdf
Trusted System Security starts at page 789.
Rgds...Geoff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 07:23 AM
01-23-2006 07:23 AM
Re: Converting untrusted system to trusted
If the conversion happens, you are patched enough to do it.
I do recommend haveing the latest well tested patch on any 11.00 system. That's a quarterly update from some time in 2004 if I'm not mistaken.
Some users with expired passwords or who have not used their accounts for some time will become locked. There is a standard set of rules that this process uses to make your system more trustable.
I'm a big believer in trusted systems and try to do it whenever possible. There are NIS impacts to think about though.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 07:28 AM
01-23-2006 07:28 AM
Re: Converting untrusted system to trusted
It won't lock any users .
You can do it on command line by
#/usr/lbin/tsconvert
Regards ..bl.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 12:31 PM
01-23-2006 12:31 PM
Re: Converting untrusted system to trusted
See on the attachment and you will find what you want!
PS: You should assign point to everyone who takes time to help you.
"I have assigned points to 280 of 404 responses to my questions."
Thanks and best regard,
Hoang Chi Cong
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 04:30 PM
01-23-2006 04:30 PM
Re: Converting untrusted system to trusted
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=638058
Use Bharat's document.
--
Muthu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2006 08:38 PM
01-23-2006 08:38 PM
Re: Converting untrusted system to trusted
will actvate the user acount when there are 3 unsucesfull logins,
/usr/lbin/modprpw -v userID
will set you passwd age to 0, this is usefull if there are already passwd ages on your untrusted system this is visable if you have dots in your encripted passwd like so:
username:jkhfdskjfh.??.??:200:200
Kind regarts.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2006 06:14 AM
02-10-2006 06:14 AM
Re: Converting untrusted system to trusted
Thanks
Jonathan