UnixPedia : HPUX / LINUX / SOLARIS: HPUX : Can't rewrite protected password entry for user

Wednesday, April 16, 2014

HPUX : Can't rewrite protected password entry for user



Can't rewrite protected password entry for user.
Overview
Can't rewrite protected password entry for user.
Procedures
User reported that ncsora account is not functioning and admin are not able to refresh as well able to reset the password. It showing lifetime of password is passed.  In syslog “password protected error can be seen. Normal reset and refresh commands are taking time and not able to unlock or reset the password.

#cd /tcb/files/auth/n/
#ll ncsora*
-rw-rw-r--   1 root       root           208 Apr 14 10:14 ncsora
-rw-rw-r--   1 root       root           208 Nov 15 23:31 ncsora-t
-rw-rw-r--   1 root       root           221 Apr 21  2013 ncsora.042113
-rw-rw-r--   1 root       root           208 Nov 15 23:29 ncsora.old
# cat ncsora
ncsora:u_name=ncsora:u_id#105:\
                :u_pwd=KwVZiMyprnl5szOtwHHB9rxA:\
                :u_auditid#21:\
                :u_auditflag#1:\
                :u_succhg#1380273710:u_unsucchg#1376849372:u_suclog#1384576148:u_unsuclog#1381830416:\
                :u_lock@:chkent:
               
# grep -i ncsora /var/adm/syslog/syslog.log  
Apr 13 04:15:26 ebzdbp01 su: Can't rewrite protected password entry for user ncsora
Apr 13 04:15:26 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:16:00 ebzdbp01 su: Can't rewrite protected password entry for user ncsora
Apr 13 04:16:00 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:17:35 ebzdbp01 su: Can't rewrite protected password entry for user ncsora
Apr 13 04:17:35 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:18:02 ebzdbp01 su: Can't rewrite protected password entry for user ncsora
Apr 13 04:18:02 ebzdbp01 su: + tty?? root-ncsora
Apr 13 04:18:27 ebzdbp01 su: Can't rewrite protected password entry for user ncsora


# /usr/lbin/getprpw ncsora
 uid=105, bootpw=NO, audid=21, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1, spwchg=Fri Sep 27 05:21:50 2013, upwchg=Sun Aug 18 14:09:32 2013, acctexp=-1, llog=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Fri Nov 15 23:29:08 2013, ulogint=Tue Oct 15 05:46:56 2013, sloginy=-1, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=1100000
#  i=ncsora
# /usr/lbin/modprpw -k -l $i; /usr/lbin/modprpw -v -l $i

Account is not able to get refresh:

# /usr/lbin/getprpw ncsora
uid=105, bootpw=NO, audid=21, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1, spwchg=Fri Sep 27 05:21:50 2013, upwchg=Sun Aug 18 14:09:32 2013, acctexp=-1, llog=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Fri Nov 15 23:29:08 2013, ulogint=Tue Oct 15 05:46:56 2013, sloginy=-1, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=1100000

Solution :
It is strange that no big solution work here , like trying to refresh from SAM, restarting pwrgd etc. Backup file of password file is causing the issue. By removing it we able to reset the password.
#rm ncsora-t
Keywords.
Getprpw, modprpw.

No comments:

Post a Comment