HPE Community
Operating System - HP-UX
1837359 Members
3468 Online
110116 Solutions
New Discussion

trusted system (could not log in)

 
Adrian_99
New Member

‎10-06-2005 12:55 PM

‎10-06-2005 12:55 PM

trusted system (could not log in)


Hello guys,

I have a problem with a B2600(9000) station running HPUX 11.0. After setting trusted system from SAM, I can't log into the station by telnet. The erros is:
HP-UX hpopen B.11.00 U 9000/785 (ta)

login: root
Password:
Login incorrect

Wait for login retry: ..
login:

I had no security file, I have created one, I have it's ok...

bash-2.05b# ls -la
total 20
dr-xr-xr-x 2 bin bin 96 Oct 7 02:57 .
dr-xr-xr-x 26 bin bin 6144 Oct 7 03:36 ..
-r--r--r-- 1 bin bin 11 Mar 2 2003 fs
-rw-rw-rw- 1 bin bin 1259 Oct 7 03:53 security
-r--r--r-- 1 bin bin 67 Feb 5 2002 useradd


bash-2.05b# more security
# Security file: /etc/default/security
# man security

# Features depend on HP-UX rev and patches. Not all features are
# available on older systems.
#
# Comments (#) allowed only on separate line,
# no trailing # following a parameter or it
# will invalidate the setting

# Access controls (11.0 and higher)
#################

NOLOGIN=1
NUMBER_OF_LOGINS_ALLOWED=10
ABORT_LOGIN_ON_MISSING_HOMEDIR=1

# Single user mode authorization (11i and non-trusted only)
###########################################################

# Requires root password to get into single user mode
# BOOT_AUTH=1

# Users (besides root) that can boot into single user mode
# BOOT_USERS=bill,jane,joe

# Password controls - Trusted
###################

MIN_PASSWORD_LENGTH=6
PASSWORD_HISTORY_DEPTH=1
PASSWORD_MIN_UPPER_CASE_CHARS=0
PASSWORD_MIN_LOWER_CASE_CHARS=1
PASSWORD_MIN_DIGIT_CHARS=1
PASSWORD_MIN_SPECIAL_CHARS=0

# Non-Trusted or shadow password setup only:
# defaults: MAXDAYS=-1 MINDAYS=0 WARNDAYS=0

# PASSWORD_MAXDAYS=120
# PASSWORD_MINDAYS=7
# PASSWORD_WARNDAYS=7

# Session controls
##################

SU_ROOT_GROUP=suroot
SU_DEFAULT_PATH=/usr/bin:/usr/contrib/bin:
UMASK=022
# SU_KEEP_ENV_VARS=LD_LIBRARY_PATH,SHLIB_PATH,LD_PRELOAD



Any ideeas???
Thanks,
Adrian
0 Kudos
Reply
2 REPLIES 2
Mel Burslan
Honored Contributor

‎10-06-2005 01:16 PM

‎10-06-2005 01:16 PM

Re: trusted system (could not log in)

Has this system ever used NIS ? Check your /etc/nsswitch.conf and if you see something like

passwd compat

then change it to

passwd files

also make sure the password lengths prior to trusted system conversion was no longer than 8 characters. On the untrusted systems whatever you type after the 8th character on your password gets ignored. But after the conversion, the password gets truncated to the 8 chars limit but system still interprets characters after 8th when you type a longer password, which causes failures.

so, for example, lets say you had a user whose

userid = testuser
password = mypassword

after conversion, you should use

password = mypasswo

to login successfully.


Another good idea to try, in the case sam could not mass change the locked status of userid's:

/usr/lbin/modprpw -V

These are the most commonly encountered problems after trusted system conversion. Check these and post your experiences to get further help if necessary.
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Adrian_99
New Member

‎10-06-2005 01:39 PM

‎10-06-2005 01:39 PM

Re: trusted system (could not log in)

Mel,

It was indeed the NIS.

Thanks,
Adrian
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.