HPE Community
Operating System - HP-UX
1751914 Members
4930 Online
108783 Solutions
New Discussion юеВ

Re: User account locking/unlocking in HPUX 11i with SC + SMSE

 
Sanjay Sutar
Frequent Advisor

тАО03-06-2007 06:48 PM

тАО03-06-2007 06:48 PM

User account locking/unlocking in HPUX 11i with SC + SMSE

Hi All,
What command I can use to lock and unlock user accounts on HPUX 11i with "Security Containment" (SC) and "Standard Mode Security Extensions" (SMSE)

Can we consider such system as trusted or they are still non-Trusted?
And how does the iscomsec behaves on such system?

Thanks for your assistance!!
0 Kudos
Reply
5 REPLIES 5
Chan 007
Honored Contributor

тАО03-06-2007 10:19 PM

тАО03-06-2007 10:19 PM

Re: User account locking/unlocking in HPUX 11i with SC + SMSE

Hi,

This PD gives information that you looking for

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SecurityExt

Chan
0 Kudos
Reply
Sunny Jaisinghani
Trusted Contributor

тАО03-06-2007 10:33 PM

тАО03-06-2007 10:33 PM

Re: User account locking/unlocking in HPUX 11i with SC + SMSE

Hi Sanjay

you can lock a user account by using "passwd -l".

0 Kudos
Reply
Sanjay Sutar
Frequent Advisor

тАО03-06-2007 11:30 PM

тАО03-06-2007 11:30 PM

Re: User account locking/unlocking in HPUX 11i with SC + SMSE

chan, Sunny,
Thanks for you reply!!

I can lock the accounts but not able to unlock them with modprpw -k command.

So my question is is there any other command to unlock the account on HPUX with Security Containment and Standard Mode Security Extension.
0 Kudos
Reply
Sanjay Sutar
Frequent Advisor

тАО03-07-2007 05:53 PM

тАО03-07-2007 05:53 PM

Re: User account locking/unlocking in HPUX 11i with SC + SMSE

One more update on this!

I could get my hands on a HPUX v2 (11.23) machine with SC + SMSE and checked iscomsec.

as per iscomsec output, the machine is NOT trusted.

So clearly modprpw -k will not work.

So what should I use to unlock the user ( I am interested in doing it from command line)

Thanks for your help!!
0 Kudos
Reply
Reshma Malusare
Trusted Contributor

тАО03-07-2007 06:11 PM

тАО03-07-2007 06:11 PM

Re: User account locking/unlocking in HPUX 11i with SC + SMSE

Hi sanjay,
Deactivating an account places an ├в *├в in the user├в s password field & prevents user from logging in. However, the user entry remains in the /etc/passwd file & can be reactivated.

#passwd ├в l
Deactivate a user account.

you can also do it with sam. You can either use SAM to reactivate the account or simply change the user├в s password using the passwd command.
Choose Users from the next menu. SAM will display a list of users. If there are more than 500 users on your system, you will be asked to select a subset of users.
Choose either Remove or Deactivate... from the Actions menu. SAM will display a list of
choices for handling the user├в s files.

Thanks & Regards
Reshma
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.