Operating System - HP-UX

Trusted system password expiring

 
John Oberlander
Frequent Advisor

Trusted system password expiring

I have an 11iv1 trusted system with a user that the programmers are having problems with. They say that the password expires every day even though I have password aging disabled. What is the minimal auditing I need to turn on in order to see what happens? I don't see anything in the auditing events that would give me this info in the logs.

Thanks,
John


universe@/usr/lbin: ./getprpw abatmgr
uid=1851, bootpw=NO, audid=424, audflg=1, mintm=0, maxpwln=-1, exptm=0, lftm=0, spwchg=Tue Oct 24 06:37:47 2006, upwchg=Mon Sep 11 08:40:18 2006, acctexp=-1, llog=-1, expwarn=0, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Wed Oct 25 09:09:55 2006, ulogint=Tue Oct 24 21:25:13 2006, sloginy=pts/tai, culogin=-1, uloginy=pts/t1, umaxlntr=-1, alock=NO, lockout=0000000
Jeff_Traigle
Honored Contributor
Solution

Re: Trusted system password expiring

Is it really expiring, requiring them to select a new password, or is the account being locked so they can't log in at all? Offhand, I would suspect the latter, in which case you can check the lockout value of the getprpw output to see why the account is locked. From the getprpw man page:

lockout returns the reason for a lockout in a "bit" valued string, where 0 = condition not present, 1 is present. The position, left to right represents:

1 past password lifetime
2 past last login time (inactive account)
3 past absolute account lifetime
4 exceeded unsuccessful login attempts
5 password required and a null password
6 admin lock
7 password is a *
--
Jeff Traigle
John Oberlander
Frequent Advisor

Re: Trusted system password expiring

I have the lockout period set to 5 unsuccessful attempts. Lastb doesn't show any bad attempts, so I don't believe it's that. I think the programmers are screwing with me; I just need to get the minimal amount of auditing turned on to prove otherwise. They say it's expiring, but they haven't sent me a screenshot where it says it expired and to choose a new password. Every time I check the getprpw, the lockout is always zeros. I guess I can set up a script to check the account every hour and log the output to see what lockout bit is set.

Is there a way to tell what was the last reason for the password change, even though the account isn't currently disabled/expired or locked?

Thanks,
John
Bill Hassell
Honored Contributor

Re: Trusted system password expiring

The lockout code is a series of 1's and 0's with the position of a 1 indicating the reason for the lockout. I have attached a script which decodes all this and a bunch of other user status details. Mainly, it can verify that the user account is not locked.

As far as the users that are complaining, they need to copy the screen when there is a failure. Another test is: are all users affected, or just a few programmers? Add a dummy user and check the login every day. Just in case, look at .profile for users with a problem. Is there a strange command or sourced file that doesn't appear in root's .profile (possible hacker loose)? Are the programmers using /usr/bin/sh or some other shell?


Bill Hassell, sysadmin
John Oberlander
Frequent Advisor

Re: Trusted system password expiring

Thanks for the script! So what I'm reading is that there is no way to find out when and why an account was previously locked if it's already been unlocked. I'll write a script that will check the lockout bits every half hour and let me know if and when it does.

Thanks for the help,
John
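
A periodic check of the kind described above, using the lockout bit positions quoted from the getprpw man page, as an added example that is not part of any post in this thread and is not the script Bill attached. The log path, the cron script path and the function names are assumptions; the sample line is constructed.

```sh
#!/usr/bin/sh
# Added example: decode the getprpw lockout field and log it whenever a bit is set.
# Bit meanings are the ones quoted from the getprpw man page earlier in the thread.
# Possible cron entry (script path is a placeholder):
#   0,30 * * * * /path/to/lockout_watch.sh abatmgr

GETPRPW=/usr/lbin/getprpw                  # location shown in the original post
LOG=${LOG:-/var/adm/lockout_watch.log}     # assumed log file

# Extract the value of lockout=... from getprpw output.
lockout_field() {
    printf '%s\n' "$1" | sed -n 's/.*lockout=\([01]*\).*/\1/p'
}

# Print one reason per set bit; position 1 is the leftmost character.
decode_lockout() {
    bits=$1 pos=1
    while [ -n "$bits" ]; do
        rest=${bits#?}; bit=${bits%"$rest"}; bits=$rest
        if [ "$bit" = 1 ]; then
            case $pos in
                1) echo "past password lifetime" ;;
                2) echo "past last login time (inactive account)" ;;
                3) echo "past absolute account lifetime" ;;
                4) echo "exceeded unsuccessful login attempts" ;;
                5) echo "password required and a null password" ;;
                6) echo "admin lock" ;;
                7) echo "password is a *" ;;
                *) echo "unknown bit $pos" ;;
            esac
        fi
        pos=$((pos + 1))
    done
}

# Poll one user and append a timestamped record only when the account is locked.
check_user() {
    out=$("$GETPRPW" "$1" 2>&1) || { echo "$(date) $1 getprpw failed: $out" >>"$LOG"; return 1; }
    bits=$(lockout_field "$out")
    case $bits in
        *1*) echo "$(date) $1 lockout=$bits: $(decode_lockout "$bits" | tr '\n' ';')" >>"$LOG" ;;
    esac
}

SAMPLE='uid=1851, alock=NO, lockout=0001010'   # constructed sample, not real output

if [ $# -gt 0 ]; then
    for u in "$@"; do check_user "$u"; done
fi
```

Because a record is written only when a bit is set, the log keeps the time and reason of a lockout even after the account has been unlocked again.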
John Oberlander
Frequent Advisor

Re: Trusted system password expiring

Thanks for the help.