HPE Community
Operating System - HP-UX
1844168 Members
2488 Online
110229 Solutions
New Discussion

Re: Enable the user

 
SOLVED
Go to solution
Abhilash Krishnan
Frequent Advisor

‎07-03-2008 03:06 AM

‎07-03-2008 03:06 AM

Enable the user

I am facing a problem for enabling a user even after using the /usr/lbin/modprpw -k username command it still shows acclockout=0001000. this is a crtical user.pls reply.....

thanks
0 Kudos
Reply
7 REPLIES 7
Anshumali
Esteemed Contributor

‎07-03-2008 04:00 AM

‎07-03-2008 04:00 AM

Solution

Re: Enable the user

Biju,

Here is my experience which i had once, not sure how much it is related with your issue.

The user was getting disabled at soon as i enable and the 1 was at 4(incorrect password), to watch it carefully, i had to increase the login attempts to 99 for testing and saw that there was a script which was doing that login attempts at fast pace. We found that password was changed but no one bothered to change the password in the script and account was getting disabled. You may get the messages for wrong login attempts in syslog.
Other things to check:
1. lastb -R|grep -i user
2. syslog for failed logins

Anshu
Dreams are not which you see while sleeping, Dreams are which doesnt allow you to sleep while you are chasing for them!!
Reply
Anshumali
Esteemed Contributor

‎07-03-2008 04:02 AM

‎07-03-2008 04:02 AM

Re: Enable the user

Or may be this account is being compromised by some malicious attempts. In this case, lastb -R |grep -i user might help.
Think from Security Perspective :)
Dreams are not which you see while sleeping, Dreams are which doesnt allow you to sleep while you are chasing for them!!
Reply
Steven E. Protter
Exalted Contributor

‎07-03-2008 04:21 AM

‎07-03-2008 04:21 AM

Re: Enable the user

Shalom,

definitely a potential security problem.

Could also be an errant scripted login from an external or even internal script.

There will be entries to help you track this down. See /var/adm/syslog/syslog.log to start out.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Abhilash Krishnan
Frequent Advisor

‎07-03-2008 05:37 AM

‎07-03-2008 05:37 AM

Re: Enable the user

Problem not yet solved i am attaching the output of /usr/lbin/getprpw user pls check...
0 Kudos
Reply
Jeeshan
Honored Contributor

‎07-03-2008 06:39 AM

‎07-03-2008 06:39 AM

Re: Enable the user

did you try to enable the user with SAM?

check with SAM and also check the syslog.log file.

is it in trusted mode?
a warrior never quits
0 Kudos
Reply
Abhilash Krishnan
Frequent Advisor

‎07-03-2008 07:20 AM

‎07-03-2008 07:20 AM

Re: Enable the user

yes..i tried with sam also...its a trusted system.
0 Kudos
Reply
Anshumali
Esteemed Contributor

‎07-03-2008 09:25 AM

‎07-03-2008 09:25 AM

Re: Enable the user

Did you check your syslog.log
The imp thing i see in your getprpw is below, see the timestamps.

slogint=Thu Jul 3 18:37:45 2008
spwchg=Thu Jul 3 18:37:57 2008
ulogint=Thu Jul 3 18:38:27 2008 ----->(Does syslog capture this failed attempt just after successful login/passwd change)


Dreams are not which you see while sleeping, Dreams are which doesnt allow you to sleep while you are chasing for them!!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.