HPE Community
Operating System - HP-UX
1822497 Members
2550 Online
109642 Solutions
New Discussion юеВ

unlock user account

 
SOLVED
Go to solution
Din_1
Frequent Advisor

тАО02-13-2008 12:25 AM

тАО02-13-2008 12:25 AM

unlock user account

Dear All,

How to unlock a user account in a non trusted system through command line ( Not through SAM ). Please help me...

Thanks in advance
Din
0 Kudos
21 REPLIES 21
yulianto piyut
Valued Contributor

тАО02-13-2008 12:47 AM

тАО02-13-2008 12:47 AM

Re: unlock user account

hi din,

you can use command "passwd -l user_id" to lock user account. for example:
#passwd -l yulianto
#logins -ox |grep yuli
yulianto:1004:sysadmin:14:Yulianto ITDC-sysadmin:/home/yulianto:/usr/bin/ksh:LK:000000:-1:-1:-1
#grep yuli /etc/passwd
yulianto:*:1004:14:Yulianto ITDC-sysadmin:/home/yulianto:/usr/bin/ksh

the field of encrypted password will changed to *

-yut-
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-13-2008 12:48 AM

тАО02-13-2008 12:48 AM

Re: unlock user account

Well there is vipw(1). Or passwd(1):
passwd -r files [-d|-l] [-f] [-n min] [-w warn] [-x max] name
0 Kudos
Din_1
Frequent Advisor

тАО02-13-2008 01:39 AM

тАО02-13-2008 01:39 AM

Re: unlock user account

Dear all,

Thank you for spending your valuable time to this. I know how to lock the account in non trusted system. But now my question is how to unlcok the account?

Regards,
Din
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-13-2008 02:42 AM

тАО02-13-2008 02:42 AM

Re: unlock user account

>But now my question is how to unlock the account?

As I said, you either use vipw(1) or passwd(1).
In particular "passwd -d" will unlock it.
0 Kudos
Robert-Jan Goossens_1
Honored Contributor

тАО02-13-2008 03:42 AM

тАО02-13-2008 03:42 AM

Re: unlock user account

Din,

# usermod -x administrative_lock_applied=0 username
# passwd username

Regards,
Robert-Jan
0 Kudos
yulianto piyut
Valued Contributor

тАО02-13-2008 09:30 PM

тАО02-13-2008 09:30 PM

Re: unlock user account

to unlock:
1. passwd -d username or
2. reset the passwoed user

-yut-
0 Kudos
yulianto piyut
Valued Contributor

тАО02-13-2008 09:30 PM

тАО02-13-2008 09:30 PM

Re: unlock user account

to unlock:
1. passwd -d username or
2. reset the passwoed user:
# passwd username

-yut-
0 Kudos
Din_1
Frequent Advisor

тАО02-13-2008 09:39 PM

тАО02-13-2008 09:39 PM

Re: unlock user account

can't we unlock a user account without resetting the old password or changing the account to null password? My doubt is, the user should be able to login with their own old password.
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-13-2008 09:48 PM

тАО02-13-2008 09:48 PM

Re: unlock user account

>can't we unlock a user account without resetting the old password or changing the account to null password?

Unfortunately not with passwd(1). With vipw(1) you just add a "*" to the start to lock, and remove it to unlock.

>the user should be able to login with their own old password.

Unfortunately it doesn't look like it.
0 Kudos
whiteknight
Honored Contributor

тАО02-13-2008 10:01 PM

тАО02-13-2008 10:01 PM

Re: unlock user account

Din,

You can't unlocked user account, with retaining the old password.

#passwd -d

Allow user to login without a password by deleting it.In untrusted mode this unlocks/activates the user account if found locked/deactivated.

WK
Problem never ends, you must know how to fix it
0 Kudos
Din_1
Frequent Advisor

тАО02-13-2008 10:46 PM

тАО02-13-2008 10:46 PM

Re: unlock user account

when i put a * in password field of username in /etc/passwd, it shows login incorrect, when i leave it as empty it's getting logged in without any authentication. So after removing the * in password field, is the user adviced to chane their password with the use of " passwd " command? ( user can no longer user their old password )
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-13-2008 11:48 PM

тАО02-13-2008 11:48 PM

Re: unlock user account

>when i put a * in password field of username in /etc/passwd, it shows login incorrect

Insert a "*" before the old password.

>So after removing the * in password field,

You just remove the "*" before the old.
0 Kudos
Din_1
Frequent Advisor

тАО02-14-2008 12:06 AM

тАО02-14-2008 12:06 AM

Re: unlock user account

Assume a windows machine, the account is getting locked when user enters the wrong password upto 3 times. So the Administrator is unlocking the account, and the user now can use his own old password. Is there any way to get this kind of option in HP UX?
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-14-2008 12:16 AM

тАО02-14-2008 12:16 AM

Solution

Re: unlock user account

>and the user now can use his own old password. Is there any way to get this kind of option in HP-UX?

It depends on how it is locked. If the whole password (non-trusted) is replaced by a "*", you can't.
0 Kudos
Din_1
Frequent Advisor

тАО02-14-2008 12:23 AM

тАО02-14-2008 12:23 AM

Re: unlock user account

This is what i was expecting for. Mine is a non trusted system. So i dont have any other option than resetting the password or making it as null. So in non trusted systems the only way we can use is, either reset the password or make the password null. Am i right Mr. Handy?
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-14-2008 12:39 AM

тАО02-14-2008 12:39 AM

Re: unlock user account

>So in non trusted systems the only way we can use is, either reset the password or make the password null.

It depends on how it is "locked". passwd -l does a destructive lock.

Also from passwd(1): After the lifetime passes, the account is locked ... Once unlocked, the user is forced to change the password before using the account.

So it appears they really want you to change the password after it is locked.
0 Kudos
Din_1
Frequent Advisor

тАО02-14-2008 01:12 AM

тАО02-14-2008 01:12 AM

Re: unlock user account

What kind effect will it have on wrong attempts of password?
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-14-2008 01:49 AM

тАО02-14-2008 01:49 AM

Re: unlock user account

>What kind effect will it have on wrong attempts of password?

What "it" are you asking about?
0 Kudos
Din_1
Frequent Advisor

тАО02-14-2008 02:06 AM

тАО02-14-2008 02:06 AM

Re: unlock user account

If password getting locked with the wrong attemps, will entry in /etc/passwd be like this

din::34:14::/home/din:/usr/bin/sh
or
din:*:34:14::/home/din:/usr/bin/sh
or
din:*74_s376!&%:34:14::/home/din:/usr/bin/sh


Thanks
Din
0 Kudos
Dennis Handly
Acclaimed Contributor

тАО02-14-2008 02:21 AM

тАО02-14-2008 02:21 AM

Re: unlock user account

>If password getting locked with the wrong attempts, will entry in /etc/passwd be like this

Sorry, I don't know, you'll have to try it.
(I wasn't aware it would lock unless trusted.)
0 Kudos
Din_1
Frequent Advisor

тАО02-19-2008 02:18 AM

тАО02-19-2008 02:18 AM

Re: unlock user account

Yes, i got solution in my own.

Regards,
Din
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.