HPE Community
Operating System - HP-UX
1824366 Members
3729 Online
109669 Solutions
New Discussion юеВ

Re: Trusted systems and tsconvert...

 
SOLVED
Go to solution
scott vick
Advisor

тАО10-22-2001 11:28 AM

тАО10-22-2001 11:28 AM

Trusted systems and tsconvert...

I hope someone can help???

I have several 11.00 servers that I inherited all of them running trusted systems. Nobody knows the root password. I unconverted one server using tsconvert ???r, changed the password and then reconverted it using tsconvert. However, it hosed up the passwords for all other users and expired the password I just changed for root when I converted back. I know there are some other options for tsconvert that will allow you to preserve passwords (both when turning ts on and off.) but I can???t find a man page and I can???t find any documentation for the tsconvert command.

Would someone please give me some more info on the tsconvert command.

Thanx,

Scott

(P.S. Please don???t tell me to use SAM to convert. It???s not an option.)
Too ugly to live, too weird to die, too stupid to know the difference.
0 Kudos
Reply
5 REPLIES 5
Sridhar Bhaskarla
Honored Contributor

тАО10-22-2001 12:57 PM

тАО10-22-2001 12:57 PM

Solution

Re: Trusted systems and tsconvert...

Scott,

You need to use SAM to do this for you.... noooo.. just kidding... I am one another SAM hater.

I don't think there is any option with tsconvert to preserve the passwords. But once you tsconvert to convert the system, you can reset the "password reset" option by running
modprpw command.

If I recall correctly, it is -V option that does this trick for you. What I would do is to get a list of all the user-ids (awk '{FS=":";print $1}' /etc/passwd will give a list and you can modify it if you want) and then run modprpw -V on them.

for USER in `cat list`
do
/usr/lbin/modprpw -V $USER
done

Above should help you. I don't well remember this option though as I did it quite sometime back. I don't have a system to test this out.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
Roger Baptiste
Honored Contributor

тАО10-22-2001 01:52 PM

тАО10-22-2001 01:52 PM

Re: Trusted systems and tsconvert...

Scott,

If the root password or
user passwords is not known,
what is the need to preserve
it?? If you want to change
the password in the trusted
system to new and are being
prompted for the old password
during the change- you
can edit the tcb files
and remove the entry
corresponding to
u_pwd=

this will reset the password
to empty and then you can
set a password.

The whole thing can be
setup with a script using
sed or awk.

If password change is
your goal, there is no
need to even go with the
convert option.

-raj
Take it easy.
0 Kudos
Reply
Scott Van Kalken
Esteemed Contributor

тАО10-22-2001 03:25 PM

тАО10-22-2001 03:25 PM

Re: Trusted systems and tsconvert...

if editing the auth files directly, which is definitely not recommended you will need to run an authck -a to fix the files up.

Then again, if you don't know the root password, you couldn't do this anyhow.
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

тАО10-22-2001 04:32 PM

тАО10-22-2001 04:32 PM

Re: Trusted systems and tsconvert...

Scott,

try modprpw -V option after converting the sysetm to trusted. It should work. There is no such option directly with tsconvert command.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
scott vick
Advisor

тАО10-23-2001 05:06 AM

тАО10-23-2001 05:06 AM

Re: Trusted systems and tsconvert...

Thank you Sri. The modprpw worked perfectly.
Too ugly to live, too weird to die, too stupid to know the difference.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.