HPE Community
Operating System - HP-UX
1835018 Members
2753 Online
110073 Solutions
New Discussion

Re: trusteding a system without forcing a password

 
John Carr_2
Honored Contributor

‎12-19-2003 02:03 AM

‎12-19-2003 02:03 AM

trusteding a system without forcing a password

I have today trusted a system succesfully using SAM and no users including root was requested to change there password after.

I have trusted another server using SAM both patched the same both same o/s. This time when i tried to test root it tried to force password change.

I ran modprpw -V from an open session and tried again but still it wanted to force change of password.

I have had to untrust this for now and this is all very hard as these are production servers without backup systems ...

any ideas :-( John.
0 Kudos
Reply
7 REPLIES 7
Helen French
Honored Contributor

‎12-19-2003 02:08 AM

‎12-19-2003 02:08 AM

Re: trusteding a system without forcing a password

One thing to remember is the passwd length. Is that more than 8 characters in the second system? The default maximum password length on a trusted system is 8. If that's the case, give only your first 8 characters.
Life is a promise, fulfill it!
0 Kudos
Reply
John Carr_2
Honored Contributor

‎12-19-2003 02:13 AM

‎12-19-2003 02:13 AM

Re: trusteding a system without forcing a password

Shiju

I already changed all root passwords to 8 characters because of the risk oof this

:-) John.
0 Kudos
Reply
RAC_1
Honored Contributor

‎12-19-2003 02:14 AM

‎12-19-2003 02:14 AM

Re: trusteding a system without forcing a password

If my memory serves me right modprpw -V updates the last successful login time to that of current time.
After executing modprpw -V, can you check that(spwchg flag)is updated or not? (with getprpw -m spwchg useR_name"
There is no substitute to HARDWORK
0 Kudos
Reply
John Carr_2
Honored Contributor

‎12-19-2003 02:17 AM

‎12-19-2003 02:17 AM

Re: trusteding a system without forcing a password

RAC

getprpw only works on trusted systems this one I had to untrust straight away as it would have stopped production so unfortunatly I cant do this.

John.
0 Kudos
Reply
Helen French
Honored Contributor

‎12-19-2003 02:22 AM

‎12-19-2003 02:22 AM

Re: trusteding a system without forcing a password

Did you by any chance, 'null' the password of root from SAM option? If yes, it will ask for the new password on the login time. Also, check the password restriction of root login.

Just some thoughts...
Life is a promise, fulfill it!
0 Kudos
Reply
RAC_1
Honored Contributor

‎12-19-2003 02:23 AM

‎12-19-2003 02:23 AM

Re: trusteding a system without forcing a password

How abt a workaround?

Just after you convert to trusted mode, using modprpw to update last successfull login time?

This will avoid password expiry.

But you need to check why modprpw -V is not taking care of that.

My 2 cents.
There is no substitute to HARDWORK
0 Kudos
Reply
John Carr_2
Honored Contributor

‎12-19-2003 02:26 AM

‎12-19-2003 02:26 AM

Re: trusteding a system without forcing a password

Shiju

no i definetly did not do that.

RAC

I did run modprpw -V and it made no difference.

John.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.