Can't
rewrite protected password entry for user.
Overview
|
Can't rewrite protected password entry for user.
|
Procedures
|
User
reported that ncsora account is not functioning and admin are not able to
refresh as well able to reset the password. It showing lifetime of password
is passed. In syslog “password protected
error can be seen. Normal reset and refresh commands are taking time and not
able to unlock or reset the password.
#cd /tcb/files/auth/n/
#ll ncsora*
-rw-rw-r-- 1 root root 208 Apr 14 10:14 ncsora
-rw-rw-r-- 1 root root 208 Nov 15 23:31 ncsora-t
-rw-rw-r-- 1 root root 221 Apr 21 2013 ncsora.042113
-rw-rw-r-- 1 root root 208 Nov 15 23:29 ncsora.old
# cat ncsora
ncsora:u_name=ncsora:u_id#105:\
:u_pwd=KwVZiMyprnl5szOtwHHB9rxA:\
:u_auditid#21:\
:u_auditflag#1:\
:u_succhg#1380273710:u_unsucchg#1376849372:u_suclog#1384576148:u_unsuclog#1381830416:\
:u_lock@:chkent:
# grep -i ncsora /var/adm/syslog/syslog.log
Apr 13 04:15:26 ebzdbp01 su: Can't rewrite protected password entry for
user ncsora
Apr 13 04:15:26 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:16:00 ebzdbp01 su: Can't rewrite protected password entry for
user ncsora
Apr 13 04:16:00 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:17:35 ebzdbp01 su: Can't rewrite protected password entry for
user ncsora
Apr 13 04:17:35 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:18:02 ebzdbp01 su: Can't rewrite protected password entry for
user ncsora
Apr 13 04:18:02 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:18:27 ebzdbp01 su: Can't rewrite protected password entry for
user ncsora
# /usr/lbin/getprpw ncsora
uid=105, bootpw=NO, audid=21,
audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1, spwchg=Fri Sep 27 05:21:50
2013, upwchg=Sun Aug 18 14:09:32 2013, acctexp=-1, llog=-1, expwarn=-1,
usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT,
sysltpw=DFT, timeod=-1, slogint=Fri Nov 15 23:29:08 2013, ulogint=Tue Oct 15
05:46:56 2013, sloginy=-1, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO,
lockout=1100000
# i=ncsora
# /usr/lbin/modprpw -k -l $i; /usr/lbin/modprpw -v -l $i
Account is not able to get refresh:
# /usr/lbin/getprpw ncsora
uid=105, bootpw=NO, audid=21, audflg=1, mintm=-1, maxpwln=-1, exptm=-1,
lftm=-1, spwchg=Fri Sep 27 05:21:50 2013, upwchg=Sun Aug 18 14:09:32 2013,
acctexp=-1, llog=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT,
nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Fri Nov
15 23:29:08 2013, ulogint=Tue Oct 15 05:46:56 2013, sloginy=-1, culogin=-1,
uloginy=-1, umaxlntr=-1, alock=NO, lockout=1100000
Solution :
It is strange that no big solution work here , like trying to refresh
from SAM, restarting pwrgd etc. Backup file of password file is causing the
issue. By removing it we able to reset the password.
#rm ncsora-t
|
Keywords.
|
Getprpw, modprpw.
|
No comments:
Post a Comment