Security
cancel
Showing results for 
Search instead for 
Did you mean: 

USER ID unlock in NIS and Enhanced Security on Tru64 4.0f

SR Rao
Advisor

USER ID unlock in NIS and Enhanced Security on Tru64 4.0f

HI all,

One of the user is locked and I need to unlock the user. The setup is of NIS and enhanced Security.
There are 3 servers involved and the user doesnt exist in any of the local /etc/passwd.

How do I unlock the user???

I tried editing the users profile using edauth command and tried to add the parameter "u_lock@" to it... but all it did was just add "u_lock" and it didnt add that '@' symbol which I believe should disable the lock. Please advice.
5 REPLIES
Venkatesh BL
Honored Contributor

Re: USER ID unlock in NIS and Enhanced Security on Tru64 4.0f

use 'dxaccounts'
Alexey Borchev
Regular Advisor

Re: USER ID unlock in NIS and Enhanced Security on Tru64 4.0f


It's done on NIS Master server.
If You have graphic console - run dxaccounts utility, - View - NIS Users - etc..

if only terminal - try edauth, with -N key
and probably usermod.

User can be locked by administrtive lock OR by timeouts, unsussesful attempts, etc - then altering grace periode will help.

Your users are in /var/yp/src/passwd and /var/yp/src/prpasswd files.
Handle with care, make a backup of /var/yp/src.

after altering users in the files NIS maps shold be rebuileded to make effect.

Good luck!
The fire follows shedule...
SR Rao
Advisor

Re: USER ID unlock in NIS and Enhanced Security on Tru64 4.0f

Thanks, I dont have GUI, hence only terminal. I am not clear how to use edauth and usermod - do you mean together or individually. Can you give me an idea as to how to do this...

If we have to change with edauth - which fields to change and to what value??

There must be some file which holds all the data about the users edauth details, where and which is that - and is it safe enuf to modify directly in that file???
SR Rao
Advisor

Re: USER ID unlock in NIS and Enhanced Security on Tru64 4.0f

Also, when i try to increase the grace limit using the passwd_lifetime attribute, I get the following error:

"usermod: User to be modified is no longer in the password file
The password file has changed since the Account Manager started
Please exit and restart the Account Manager"

How to do this??
Ann Majeske
Honored Contributor

Re: USER ID unlock in NIS and Enhanced Security on Tru64 4.0f

You should be setting the "grace_limit" option in usermod to set the grace limit. See "man usermod".

You can use edauth to edit the database directly. The description of the various fields for the protected password database is in "man prpasswd".

It sounds like you might have a database corruption problem. Try using the authck command, see "man authck".

Good luck!