HPE Community
Operating System - HP-UX
1819722 Members
3348 Online
109606 Solutions
New Discussion юеВ

Re: /etc/passwd file migration

 
SOLVED
Go to solution
Ted Mims
Occasional Advisor

тАО06-04-2004 07:46 AM

тАО06-04-2004 07:46 AM

/etc/passwd file migration

I am merging /etc/passwd from a D270 10.20 box to a N4000 11i box. I "cat tmppasswd.txt >> passwd. When I try to log in using the accounts that were imported, it says login incorrect. Is there a different procedure I should use for it to bring the encrypted passwords in appropriately?
0 Kudos
Reply
9 REPLIES 9
Michael Schulte zur Sur
Honored Contributor

тАО06-04-2004 07:49 AM

тАО06-04-2004 07:49 AM

Re: /etc/passwd file migration

Hi,

use vipw and save the file. The passwords should be reencrypted and then try to login.

hth,

Michael
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

тАО06-04-2004 07:58 AM

тАО06-04-2004 07:58 AM

Solution

Re: /etc/passwd file migration

Hi,

Actually it should have worked unless the old system was trusted where the encrypted passwords would be stored under /tcb/files/auth directory. You will need to copy those files too.

One more thing to check is to make sure there are no duplicate entries for logins. To verify try

#pwck
#grpck

and note the errors.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
Ted Mims
Occasional Advisor

тАО06-04-2004 07:59 AM

тАО06-04-2004 07:59 AM

Re: /etc/passwd file migration

does 10.20 and 11i use different encryption methods? The passwd file on 10.20 has "*" in the passwd field while 11x has a string of characters. Would this be my problem?
0 Kudos
Reply
curt larson_1
Honored Contributor

тАО06-04-2004 08:00 AM

тАО06-04-2004 08:00 AM

Re: /etc/passwd file migration

also if you have duplicate user id, the system will always use the password for the first entry it finds
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

тАО06-04-2004 08:01 AM

тАО06-04-2004 08:01 AM

Re: /etc/passwd file migration

Hi Ted,

Yes. It looks like 10.20 was a trusted system. You would need to untrust it to get back the encrypted passwords into /etc/passwd file. Take a copy of /tcb directory on it and then run

#/usr/lbin/tsconvert -r

Now capture the password entries for all the users that you want to migrate and then append them to your new system.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
Bharat Katkar
Honored Contributor

тАО06-04-2004 08:02 AM

тАО06-04-2004 08:02 AM

Re: /etc/passwd file migration

Ted,
Your old system is trusted. Go ahead as suggested by Shridhar.
Regards,
You need to know a lot to actually know how little you know
0 Kudos
Reply
Jeff_Traigle
Honored Contributor

тАО06-04-2004 08:05 AM

тАО06-04-2004 08:05 AM

Re: /etc/passwd file migration

Is that something specific to 11i? I just finished a project that included merging password files from 10.01, 10.20, or 11.00 systems to 11.00 and had no such problems. All I did to merge them was pull the system accounts from the new 11.00 file and pull the user account entries from the other file using awk.
--
Jeff Traigle
0 Kudos
Reply
Jeff_Traigle
Honored Contributor

тАО06-04-2004 08:12 AM

тАО06-04-2004 08:12 AM

Re: /etc/passwd file migration

Ah... I don't type quickly enough. :)

Just so you understand, Ted (and anyone else who might not realize it)... When a system is converted to a trusted system, the encrypted password field in /etc/passwd is "locked" with the *... trusted authentication doesn't use the entry, but, when moved to a non-trusted system, this will never allow a login. It's a common method of disabling accounts and is the method utilized by HP for some of the system accounts that are locked by default.
--
Jeff Traigle
Reply
Ted Mims
Occasional Advisor

тАО06-04-2004 08:14 AM

тАО06-04-2004 08:14 AM

Re: /etc/passwd file migration

thanks to everyone who replied. Because I had already done a lot of work on the merge file (3 days of work) and did not want to convert and do it again. Instead, I took the earlier suggestion to copy the tcb directory over to the new system. That did the trick. Thanks again.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.