HPE Community
Operating System - HP-UX
1826331 Members
3436 Online
109692 Solutions
New Discussion

Can't change password in Trusted system

 
SOLVED
Go to solution
Chris Fung
Frequent Advisor

‎01-16-2002 12:00 AM

‎01-16-2002 12:00 AM

Can't change password in Trusted system

Hi,

After I enable the trusted system through sam in my L1000 machine which running HP-UX 11.0 (64-bit), I cannot change the password for any account even root. I only got the error message "Unexpected failure, Password file unchanged" after I issue the command > passwd [account name]

I tried to open another terminal to login to the system, but even I provide the correct password, the system just won't allow me to login. Now I only got a running session left!! And I am afraid I could not login again with any account after I close this session. Pls help!!

By the way, I counldn't locate the restore command for tcb both in command line or in SAM.

Thanks for help,

Chris Fung,
0 Kudos
Reply
8 REPLIES 8
Michael Tully
Honored Contributor

‎01-16-2002 12:17 AM

‎01-16-2002 12:17 AM

Solution

Re: Can't change password in Trusted system

Hi Chris,

You need to un-trust the system first.

# /usr/lbin/tsconvert -r

These commands do not have on-line
man pages.

-Michael
Anyone for a Mutiny ?
Reply
JACQUET
Frequent Advisor

‎01-16-2002 12:21 AM

‎01-16-2002 12:21 AM

Re: Can't change password in Trusted system

Hi,

In case you want to go back :
/usr/lbin/tsconvert -r
That will restore your old /etc/passwd and /etc/group as it was before in non trusted system.
Then, chack if you have the latest HP-UX Patch for passwd/add/mod/delete and SAM Patch :
PHCO_20679 (user/group add/mod/del)
PHCO_20187 (SAM)
PHCO_24189 (passwd)
PHKL_24276 (trusted system)

It may help

PJA
PJA
Reply
Chris Fung
Frequent Advisor

‎01-16-2002 12:23 AM

‎01-16-2002 12:23 AM

Re: Can't change password in Trusted system

Thanks for Micheal !!! U save my life..!!!
0 Kudos
Reply
Michael Tully
Honored Contributor

‎01-16-2002 12:26 AM

‎01-16-2002 12:26 AM

Re: Can't change password in Trusted system

Hi,

If you wished to try this again, your
will need to change your 'root'
password. (after) I use sudo on all of my
systems, so I don't need to use this....
Anyway to trust your system use

# /usr/lbin/tsconvert
to convert back use -r
In the link below are man pages where
you can administer some of your trusted
system. Just a word of caution... If you trust
a system all users will need to change their
passwords.... Watch out for potential
mutiny... The best method is of course to
trust a system during the initial build
stages.

Use the modprpw -k to unlock
accounts.


http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x98153d853cd9d5118ff40090279cd0f9,00.html

-Michael
Anyone for a Mutiny ?
Reply
Stefan Farrelly
Honored Contributor

‎01-16-2002 12:31 AM

‎01-16-2002 12:31 AM

Re: Can't change password in Trusted system


It sounds like the process to convert to a trusted system didnt work properly. Did you use SAM to convert it ? (I presume so seeing as you couldnt find the tsconvert command). So do you have the latest SAM patches ? Theres always patches coming out for it. I make the latest; PHCO_23876

Try to get your system back to how it was (/etc/passwd looks good, can login aok etc. make sure the /tcb directory is not there or rename it) then update your patches and retry. There is no particular patch for the tsconvert command.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Animesh Chakraborty
Honored Contributor

‎01-16-2002 12:54 AM

‎01-16-2002 12:54 AM

Re: Can't change password in Trusted system

Hi,
Try this

#/usr/sam/lbin/usermod.sam -F -p "" root
#passwd

Password should not be more than 8 chars.

Best of luck
Animesh

Did you take a backup?
0 Kudos
Reply
Chris Fung
Frequent Advisor

‎01-16-2002 12:55 AM

‎01-16-2002 12:55 AM

Re: Can't change password in Trusted system

Hey guys,

I tried to reconver my system to tcb again and I found that there was an error message generated after I issue the password command for an normal user account:

Quote

>passwd xxx

Changing password for xxx
Last successful password change for xxx: NEVER
Last unsuccessful password change for xxx: NEVER

Current user has no Protected Password Entry

>

Unquote

What I am wondering is that, the last message - "no protected password entry" What's going on for my machine? I got all the patches mentioned-above except PHCO_20187 which I couldn't find it in patch database as well !!

Any recommendations for implementing the tcb are appreciated.

Chris,

0 Kudos
Reply
Steve Steel
Honored Contributor

‎01-16-2002 01:01 AM

‎01-16-2002 01:01 AM

Re: Can't change password in Trusted system

Hi


Sounds like an entry in passwd not in protected passwd

Try Running ' /usr/sbin/authck -pv '


Correct any problems


Steve Steel
If you want truly to understand something, try to change it. (Kurt Lewin)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.