Operating System - HP-UX

Authck error: cannot have a password set on the account

 
Alex Paton
New Member

Authck error: cannot have a password set on the account

Sorry, first time posting so forgive me if I miss anything out.
I'm having a problem running passwd for certain user accounts on a trusted HP 10.20 machine. When I try setting a password I get the following:
passwd csmcred
Password cannot be changed. Reason: Not allowed to execute passwd for the given user.
I've checked and the user exists in the passwd file and the tcb database. When I run pwck, I get no significant errors, however authck -p shows the following error for every user account:
Userid cannot have a password set on the account
(Although the authck error is reported for every user in the passwd file, the passwd error only occurs for certain users).
I reckon untrusting and retrusting the box will probably solve this, but I was hoping someone out there might be able to suggest a more elegant solution or explain what's going wrong. Many thanks - Sand
Don't tell my girlfriend I've joined a forum
Robert-Jan Goossens
Honored Contributor
Solution

Re: Authck error: cannot have a password set on the account

Hi Alex,

check next doc from the technical knowledge base,

Document description: OTHER: root unable to change user's password on trusted system
Document id: A5462641

http://www4.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000062950780

Hope it helps,

Robert-Jan.
Alex Paton
New Member

Re: Authck error: cannot have a password set on the account

Much appreciated Jan-Robert, I had a look at the default file and couldn't find a duplicate root entry:
default: :d_name=default: :d_boot_authenticate@: :u_pwd=*: :u_owner=root:u_auditid#385: :u_auditflag#-1: :u_minchg#604800:u_maxlen#8:u_exp#2592000:u_life#15552000: :u_pw_expire_warning#259200:u_pswduser=root:u_pickpw:u_genpwd: :u_restrict@:u_nullpw@:u_genchars@:u_genletters: :u_suclog#0:u_unsuclog#0:u_maxtries#5:u_lock: : :t_logdelay#2:t_maxtries#10:t_login_timeout#0: :chkent:
I checked this file on another trusted 10.20 machine (that doesn't exhibit this error) and it looked pretty much identical. I also checked the passwd file for duplicate root accounts (userid 0) but this too drew a blank. Any further feedback would be great. Cheers - sandy
Don't tell my girlfriend I've joined a forum
Alex Paton
New Member

Re: Authck error: cannot have a password set on the account

Whoops, just realised I assigned you a few too many points on that last one Jan-Roberts, think it should have been 7 instead of ten - I still need some help with the error. Cheers - Sandy
Don't tell my girlfriend I've joined a forum
Darren Prior
Honored Contributor

Re: Authck error: cannot have a password set on the account

Hi,

It would be useful to see the tcb file for one of your problem users; it's best to attach it as a txt file rather than pasting it into your post.

Are there any files under /tcb/files/auth ending in -t?

Before you dig any deeper into these errors, how well patched is this machine; and when did the problem start occurring? The patching issue is vital for trusted systems at 10.20, there being patches for login, SAM that you shouldn't be missing. Although 10.20 is no longer supported by HP, you can still download patches for it. Also knowing when it started may give you a hint of something that was changed around that time.

regards,

Darren
Calm down. It's only ones and zeros...
john korterman
Honored Contributor

Re: Authck error: cannot have a password set on the account

Hi,

you say that the passwd error only occurs for certain users. Do these users have something in common? Do they occur consecutively in /etc/passwd?

regards,
John K.
it would be nice if you always got a second chance
Alex Paton
New Member

Re: Authck error: cannot have a password set on the account

Thanks to all concerned - The problem did affect consecutive entries in the passwd file and following your suggestion to check the tcb file parameters I found that all the users had the u_pswduser option set to their own userid. The following link provided information on all the parameters:
http://osr5doc.ca.caldera.com:457/cgi-bin/man/man?prpw+F
and explained that this means only the user themselves can set the password for the account. Thanks again for your responses.
Don't tell my girlfriend I've joined a forum
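Added example, not part of the thread or any HP tool: a small POSIX shell check for the condition found above, listing every account whose u_pswduser is not root, plus any leftover files ending in -t. It assumes per-user entries sit under /tcb/files/auth/<letter>/<user> in the same colon-separated form as the default entry quoted earlier; the function names, the report labels and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit u_pswduser across trusted-system tcb entries.
# Assumption: entries are AUTH_DIR/<letter>/<user>, defaults in AUTH_DIR/system/default.

# pswduser_of FILE: print the u_pswduser value of one entry (empty if not set)
pswduser_of() {
    # Join backslash-continued lines, then split the entry into fields on ':'
    tr -d '\\\n\t ' < "$1" | tr ':' '\n' | sed -n 's/^u_pswduser=//p' | head -1
}

# audit_pswduser AUTH_DIR: report accounts root cannot run passwd for
audit_pswduser() {
    auth_dir=$1
    default_owner=root
    # An entry without its own u_pswduser inherits the system default
    if [ -f "$auth_dir/system/default" ]; then
        d=$(pswduser_of "$auth_dir/system/default")
        [ -z "$d" ] || default_owner=$d
    fi
    for f in "$auth_dir"/[a-zA-Z]/*; do
        [ -f "$f" ] || continue
        # Files ending in -t are reported separately, not parsed as entries
        case $f in *-t) echo "TEMP $f"; continue ;; esac
        user=${f##*/}
        owner=$(pswduser_of "$f")
        [ -n "$owner" ] || owner=$default_owner
        [ "$owner" = root ] || echo "RESTRICTED $user u_pswduser=$owner"
    done
}

# make_sample DIR: constructed entries for an offline run (not from a real host)
make_sample() {
    mkdir -p "$1/system" "$1/c" "$1/d"
    printf 'default:\\\n\t:d_name=default:\\\n\t:u_pswduser=root:\\\n\t:chkent:\n' \
        > "$1/system/default"
    printf 'csmcred:u_name=csmcred:u_id#201:\\\n\t:u_pswduser=csmcred:\\\n\t:chkent:\n' \
        > "$1/c/csmcred"
    printf 'dbadmin:u_name=dbadmin:u_id#202:\\\n\t:u_lock@:chkent:\n' > "$1/d/dbadmin"
    : > "$1/d/dbadmin-t"
}

# Run against a directory when one is given, e.g. ./audit.sh /tcb/files/auth
[ $# -eq 0 ] || audit_pswduser "$1"
```

On the constructed sample this reports csmcred as restricted and flags dbadmin-t; dbadmin inherits u_pswduser=root from the default entry and is not listed.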