HPE Community
Operating System - HP-UX
1838105 Members
3786 Online
110124 Solutions
New Discussion

Re: Cannot modify user policies through SAM

 
Philip Dunn_1
Frequent Advisor

‎04-17-2008 05:43 AM

‎04-17-2008 05:43 AM

Cannot modify user policies through SAM

Hi,
Wonder if someone can help.
I am trying to disable password aging for a user (I only know how to do this through SAM), however when I try to apply the changes it tells me it cannot modify the user as it is logged in.

however checking `who` and `ps -ef |grep ssh` root is the only user logged in?

Has anyone seen this before and know how to resolve (hopefully without rebooting)

Thanks

Phil
0 Kudos
Reply
7 REPLIES 7
Philip Dunn_1
Frequent Advisor

‎04-17-2008 05:48 AM

‎04-17-2008 05:48 AM

Re: Cannot modify user policies through SAM

Sorry...
using HPUX 11.23, June 2007 Patch bundle.
0 Kudos
Reply
OFC_EDM
Respected Contributor

‎04-17-2008 06:07 AM

‎04-17-2008 06:07 AM

Re: Cannot modify user policies through SAM

hmmm sounds odd.

Are you running who on the correct system? we've all done that at some point :)

Are there multiple SAM consoles open? This can cause issues...
The Devil is in the detail.
0 Kudos
Reply
Philip Dunn_1
Frequent Advisor

‎04-17-2008 06:20 AM

‎04-17-2008 06:20 AM

Re: Cannot modify user policies through SAM

HaHa I know what you mean,
Unfortunately only got the one SSH session open.

The user I want to change does have processes running (its oracle so databases etc) but definately not logged in.
I wouldn't have thought this would stop me modifying its policies though.

Do you know of any other way to disable password ageing?

Thanks

Phil
0 Kudos
Reply
Tim Nelson
Honored Contributor

‎04-17-2008 07:17 AM

‎04-17-2008 07:17 AM

Re: Cannot modify user policies through SAM

/usr/lbin/modprpw

set llog=0 and exptm=0

e.ge modprpw -m llog=0,exptm=0 oracle

or

edit /tcb/auth/files/o/oracle

Changes will only effect new oracle logins. You should still stop the oracle processes to be sure.


use getprpw oracle to confirm.
0 Kudos
Reply
Philip Dunn_1
Frequent Advisor

‎04-18-2008 12:22 AM

‎04-18-2008 12:22 AM

Re: Cannot modify user policies through SAM

Hi,
Thanks for the command.

I don't seem to have a /tcb directory, will that command still work?

Thanks

Phil
0 Kudos
Reply
whiteknight
Honored Contributor

‎04-18-2008 12:46 AM

‎04-18-2008 12:46 AM

Re: Cannot modify user policies through SAM

Phil,

I think this is a user session disconnect and it did not clear utmp file You said you have a planned downtime, this will help to clear this off.

Also there is a known issue for ssh


CR# JAGag05547
problem
OS : HP-UX 11.X
Product : ssh A.04.30.000
Problem :

sshd, with UsePrivilegeSeparation enabled, will not clear the utmp
entry if the connection is dropped by the keepalive timer, due for
example to a cable disconnect on client side.

The wtmp does not get updated either.

Fix Text

fix
This is fixed in the version A.04.30.14 and later which is available at
http://software.hp.com.

Hope this help

WK

don't forget to assign points
Problem never ends, you must know how to fix it
0 Kudos
Reply
Philip Dunn_1
Frequent Advisor

‎04-18-2008 01:27 AM

‎04-18-2008 01:27 AM

Re: Cannot modify user policies through SAM

I think we're using a higher version than that...

swlist |grep -i secure
T1471AA A.04.40.011 HP-UX Secure Shell

Thanks for the tip anyway.

Phil
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.