HPE Community
Operating System - HP-UX
1752551 Members
4605 Online
108788 Solutions
New Discussion юеВ

Problem with user accounts, kerberos, active directory, hp-ux

 
SOLVED
Go to solution
Rahim Johnson
Advisor

тАО02-12-2009 08:08 AM

тАО02-12-2009 08:08 AM

Problem with user accounts, kerberos, active directory, hp-ux

recently discovered a problem when specific users log onto our HP-UX servers.

The server allows them to log in, but then a bad password request is passed onto our domain controller.
I can track these bad request using Microsoft's LockoutStatus.exe.

As soon as the user logs on with their Unix username (which is the same as their windows username) the server grants access, but there is a bad password logged on the domain controller. If they don't log on successfully to AD (as in log off of windows, or log in to unix with their windows account) they will keep passing bad passwords until their account is locked out.

We have kerberos installed on our UX servers, and users can authenticate with the unix password and the windows password. We plan to authenticate soley by Active Directory some time later. So allowing them to log with the windows password is not ok for now, technically. So I would like to know the cause nonetheless.

This is only affecting 3 users, they do work in the same department, and it only happens when they log onto unix with their unix password. All users are setup the same way on unix.

Thanks in advance, the responses are always great.

Rahim Johnson
It can be fixed!! We just have to figure out how.
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

тАО02-12-2009 08:14 AM

тАО02-12-2009 08:14 AM

Solution

Re: Problem with user accounts, kerberos, active directory, hp-ux

Shalom,

This document should help:

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1312879

pdf inside

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Rahim Johnson
Advisor

тАО08-21-2009 04:23 AM

тАО08-21-2009 04:23 AM

Re: Problem with user accounts, kerberos, active directory, hp-ux

Thanks for your help. It turns out that all logins are being reported as bad passwords in Active Directory. These users were unique in that they were opening up four terminal windows in succession and this was locking them out. It was ironic that although we have dozens of users in multiple departments, only these 3 users had the problem. That is what initially threw us off.

Since then other users have had the problem as well. So we need to adjust how are authentication works. We would like to use windows passwords but there is an 8 character limit until we upgrade to HP-UX 3.

Thanks again
It can be fixed!! We just have to figure out how.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.