HPE Community
Operating System - HP-UX
1820540 Members
3397 Online
109626 Solutions
New Discussion юеВ

changing root password fails on a trusted system .. why ???

 
SOLVED
Go to solution
someone_4
Honored Contributor

тАО10-04-2002 11:43 AM

тАО10-04-2002 11:43 AM

changing root password fails on a trusted system .. why ???

Hello everyone
I am having a well documented problem where on my trusted system the passwd command fails and also though sam. The error is " An invalid command syntax was used to invoke the command "/usr/lbin/modprpw" Failed to update protected password database for user "".

I have read other posts on this issue and have found serveral fixes for this. Everything from take the system down and bring it up in single usermode to just unconvert the trusted system and change the passwd.

What is the best way to fix this without messing with the users on the system and without rebooting the server?

And why does this happened? Is there a patch for this issue?

Thanks
~ Richard
0 Kudos
Reply
6 REPLIES 6
Christopher Caldwell
Honored Contributor

тАО10-04-2002 11:50 AM

тАО10-04-2002 11:50 AM

Solution

Re: changing root password fails on a trusted system .. why ???

Try running authck to see what the problem is. Every once in a while, we've seen problems where root's tcb entry got corrupted. The fix is usually is to edit root's tcb entry to blank out/modify the errant part of the root's tcb file.

Reply
Roger Baptiste
Honored Contributor

тАО10-04-2002 02:16 PM

тАО10-04-2002 02:16 PM

Re: changing root password fails on a trusted system .. why ???

Richard,

Does it work for non-root accounts? If so, edit the file manually :
/tcb/files/auth/r/root and clear the entry corresponding to u_pwd= and try running the passwd command again.

HTH
raj
Take it easy.
Reply
Michael Elleby III_1
Trusted Contributor

тАО10-04-2002 02:37 PM

тАО10-04-2002 02:37 PM

Re: changing root password fails on a trusted system .. why ???

Richard, ran into the same problem..

I did it in single user mode, but here's what I did:

1. untrust the system (tsconvert -r)
2. reset the root password
3. then re-trust the system (tsconvert)

The reason why I did it that way, was because another admin had locked out root and I could not get logged in at the console.

Maybe this will help..

Mike Elleby
Knowledge Is Power
Reply
Michael Elleby III_1
Trusted Contributor

тАО10-04-2002 02:39 PM

тАО10-04-2002 02:39 PM

Re: changing root password fails on a trusted system .. why ???

Sorry Richard-

I just re-read your post and noted that I missed some pretty important info about not wanting to reboot the server.

Please accept my apologies..

Mike-
Knowledge Is Power
0 Kudos
Reply
Scott Van Kalken
Esteemed Contributor

тАО10-04-2002 05:20 PM

тАО10-04-2002 05:20 PM

Re: changing root password fails on a trusted system .. why ???

Hey Richard

I think that an authck -a should fix this problem.

I've had a similar problem, but I solved it with an authck -a.

Reply
Darren Prior
Honored Contributor

тАО10-07-2002 02:37 AM

тАО10-07-2002 02:37 AM

Re: changing root password fails on a trusted system .. why ???

Hi Richard,

You haven't told us which version of HP-UX you are using, which would be really useful.

If you are using 10.20 there are a number of patches required for trusted systems (many of which are in HP-UX 11 as standard.)

Anyway, back to your problem! As others have mentioned authck is well worth running - I'd suggest using authck -pv (the -a option also checks the ttys which I don't generally find useful, whereas -pv checks the tcb stuff and lets you know what it's doing.) If that doesn't highlight anything I'd suggest running the following command:

/usr/lbin/getprpw root
Then check to see if there are any 1's in the lockout value. If there are then unlock the root account: /usr/lbin/modprpw -k root
Then try to change the password again. There are some situations which can cause this, including attempting to reset the root password from SAM, or maybe there were too many attempts at the root password.

regards,

Darren.
Calm down. It's only ones and zeros...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.