HPE Community
Operating System - HP-UX
1833851 Members
2533 Online
110063 Solutions
New Discussion

Root account is disabled

 
Michael Elleby III
Advisor

‎04-27-2001 04:08 AM

‎04-27-2001 04:08 AM

Root account is disabled

What is the proper procedure after booting system into single user mode to correct the root account being disabled issue?

I also would entertain any other suggestions besides taking system into single user mode.

Thanx.
If I can't be part of the Greatest, I just have to be the Greatest myself!
0 Kudos
Reply
5 REPLIES 5
Bill McNAMARA_1
Honored Contributor

‎04-27-2001 04:34 AM

‎04-27-2001 04:34 AM

Re: Root account is disabled

try setting a password
passwd root?

You talking about trusted user systems?

Later,
Bill
It works for me (tm)
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎04-27-2001 04:51 AM

‎04-27-2001 04:51 AM

Re: Root account is disabled

The proper procedure to reset roots password or re-enable it is to boot in single user mode. To do this;

1. Reboot
2. from console interrupt the boot when youre asked (you have 10 secs to interrupt autoboot)
3. Boot from primary boot device (boot pri)
4. When asked to interact with IPL answer Y (yes)
5. hpux -is (this will boot to single user mode).
6. once up reset roots password/re-enable it.

Normally on trusted systems root adopts the default number of password attempt and a mandatory expiry date, so perhaps its advisable to modify these security policies for root only to ensure it doesnt happen again, or setup a second account which has root abilities (uid=0) so you can always log in using the other superuser account if needed in an emergency.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Jim Moffitt_1
Valued Contributor

‎04-27-2001 04:53 AM

‎04-27-2001 04:53 AM

Re: Root account is disabled

This has worked for me in the past to get into single user, mount a, then run /usr/lbin/tsconvert -r to revert back to an untrusted system. Edit /etc/passwd to remove root's encrypted password, then run passwd to set a new one. Then run /usr/lbin/tsconvert. Reboot.

However, the root account is never locked out on the server's console. If you have access to the console you can log in and re-enable that account. You also may want to give another user restricted sam access so that person could enable root's account. You also might want to consider downloading sudo. It's a good utility. It gives non-root users the right to commands meant for root.

Hope this Helps.

Jim
0 Kudos
Reply
Michael Elleby III
Advisor

‎04-29-2001 10:00 PM

‎04-29-2001 10:00 PM

Re: Root account is disabled

Actually, I am unable to login at the server console. I get the message Account Disabled - See Administrator..

I am going to attempt to boot into single user mode..

If I can't be part of the Greatest, I just have to be the Greatest myself!
0 Kudos
Reply
K.Vijayaragavan.
Respected Contributor

‎04-29-2001 10:45 PM

‎04-29-2001 10:45 PM

Re: Root account is disabled

If your system is already a trusted system don't revert it back for doing this procedure.

login in single usermode by interrupting ISL prompt and select the option of interacting with IPL and
giving "hpux -is" .

edit /tcb/files/auth/r/root file

find the line containing,
:u_pwd=xxxxxxxxxxxxxx:
remove the entries between "=" and ":\" . ie here it is "xxxxxxxxxxxxxx"

Then execute the command " passwd root" and give a new passwd.

reboot the system

after booting if you have CDE login screen , selct command line login option and login as root and change the passwd once again using "passwd root" command.

Now exit and try to login using CDE .

Hope this works successfully.

regards

Vjay
"Let us fine tune our knowledge together"
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.