HPE Community
Operating System - Tru64 Unix
1830218 Members
2106 Online
109999 Solutions
New Discussion

Re: Terninal disabled

 
SOLVED
Go to solution
Alexey Borchev
Regular Advisor

‎05-28-2003 08:09 AM

‎05-28-2003 08:09 AM

Terninal disabled

The problem is - when I am connecting to my system via Telnet, sometimes I am receiving
"Terminal is disabled - see Administrator"
and login is rejected.
If I try to login ones more from the same PC with the same login - it's OK.

If a user complains - I am opening up couple of sessions and then he typically loggin in OK.

It's Tru65 4.0F, AlphaServer 2100, NIS, C2 security.
It Started at Moday, no config changes was made, until Moday it worked fine for years.

I've got enough pty's in /dev
Reboot didn't help. (Typical for Trunix)

It looks like some PTY's is locked.

If there any place where to see what terminals are locked?
Any ideas?
The fire follows shedule...
0 Kudos
2 REPLIES 2
Dave Bechtold
Respected Contributor

‎05-28-2003 08:43 AM

‎05-28-2003 08:43 AM

Re: Terninal disabled

Hello,

Based on the message returned when it fails "Terminal is disabled" and knowing your are using Enhanced (C2) Security, it would appear that occasionally the user's telnet terminal device used on the Tru64 side (tty*) is not enabled in the terminals database for C2. These can be seen using "edauth -dt -g", maybe there are not enough matching entries for the number of terminals on the system. Check to see if you have an /var/adm/sialog file to see which terminal device is disabled when the user has the problem. If you do not have an sialog file, it can be created by touching the file name , # touch /var/adm/sialog , and then re-creating the problem. Then check for that terminal in the terminals database using edauth. The C2 terminals database is a binary file named /etc/auth/system/ttys.db it's modified using edauth command, or you can make changes to the ascii database file /etc/auth/system/ttys using an editor (vi) and run convauth.

FYI... The v4.0F Security Guide is available online.
http://h30097.www3.hp.com/docs/base_doc/DOCUMENTATION/V40F_HTML/AQ0R2ETE/TITLE.HTM

Hope this helps.

Regards,
Dave Bechtold
0 Kudos
Robert Binkley
Advisor

‎05-28-2003 01:39 PM

‎05-28-2003 01:39 PM

Solution

Re: Terninal disabled

Here are the procedure notes we use.

On the Digital machine when someone is unsuccessful at logging in a couple
of times, Digital Unix will disable the terminal.
The user will get a message that says something like

Terminal is disabled contact account administrator.

To fix the problem

cd /etc/auth/system
vi ttys

Search for t_failures

/t_failures

Delete this field from ":" to the next ":"

The user should now be able to login.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.