Login or Register to Ask a Question and Join Our Community


AIX

root password is still invalid after resetting

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX root password is still invalid after resetting
# 8  
Old 06-05-2009
Quote:
Originally Posted by aixlover
Here is the info. Everything looks fine, doesn't it?

[...]
# lsuser root
root id=0 pgrp=system groups=system,bin,sys,security,cron,printq,audit,mqm home=/ shell=/bin/ksh gecos=AIX System Account auditclasses=general login=true su=true rlogin=true daemon=true admin=true sugroups=ALL admgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registry=files SYSTEM=compat logintimes= loginretries=5 pwdwarntime=14 account_locked=false minage=0 maxage=8 maxexpired=4 minalpha=4 minother=1 mindiff=3 maxrepeats=3 minlen=7 histexpire=26 histsize=5 pwdchecks= dictionlist= fsize=-1 cpu=-1 data=262144 stack=65536 core=2097151 rss=65536 nofiles=2000 time_last_login=1205946435 time_last_unsuccessful_login=1244090425 tty_last_login=/dev/tty0 tty_last_unsuccessful_login=/dev/tty0 host_last_login=s1492a host_last_unsuccessful_login=s1492a unsuccessful_login_count=13 roles=
Not quite. What you see in the lsuser output is what I described under the unlikely but possible problems.
Code:
# chsec -f /etc/security/lastlog -s root -a unsuccessful_login_count=0

For reasons of security I'd disable rlogin for root so that the loginretries can be disabled.
# 9  
Old 06-05-2009
YOU WILL HAVE TO SEE WHAT IS IN
/etc/security/user

AS THIS RESTRICTS THE SYSTEM EVEN MORE
also have a look at
the /etc/security/login.cfg
make sure that Ldap is not configerd on this system
Best is to reinstall AIX as this will then belong to you
# 10  
Old 06-05-2009
Thank you all! I will follow up what you said here this weekend Smilie

By the way, I've created a regular account and tried to "su root" from it, but failed.

This system was a property of a big US company like Home Deport, Sears. I really don't know why they didn't wipe out the hard disks before selling it. Before reinstalling AIX, I want to learn its settings. Make sense?

You are so nice. You all have a great weekend Smilie
# 11  
Old 06-05-2009
Quote:
Originally Posted by aixlover
[...]This system was a property of a big US company like Home Deport, Sears. I really don't know why they didn't wipe out the hard disks before selling it. Before reinstalling AIX, I want to learn its settings. Make sense?[...]
There is not much information to base a judgement on. However, we saw that it was possible that the root account could be locked from remote by anybody entering five times a wrong password. So I am inclined to think that either this is a very basic installation just meant as a giveaway to a complete stranger or if that was the installation for production you can learn from the guy who installed the server what NOT to do.Smilie In either case the chances are that you cannot learn a lot of the advanced stuff from that. If you have installation media that can boot the box you might as well install the server from scratch therefore. This would also be a very basic installation but at least you know that you use the AIX defaults. It is easier to find your way when the starting point is defined.
# 12  
Old 06-08-2009
Not working, still not working.

I don't think user root is supposed to use LDAP. How can I tell?

It should be a simple issue, but we still don't have a solution Smilie

Please help. Thank you Smilie
# 13  
Old 06-08-2009
vi /etc/security/user
Code:
SYSTEM = "compat or LDAP"

or just compat, which stands for local files

just ldap would mean that user can't login if ldap-server is down


this setting can be done global in the default stanza, or per user

root default is compat, and registry=files

root on ldap is strongly not recommended
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Can a root role change the root password in Solaris 10?

i do not have root on a solairs 10 server , however i do have the root role, i was wondering if I can change the root password as a a role with the passwd command? I have not tried yet. and do i have to use the # chgkey -p afterwards? i need to patch is why i am asking. thanks (1 Reply)
Discussion started by: goya
1 Replies

2. Red Hat

Failed password for invalid user

Dear All , I have created a user named X and gave sudo permissions for it , So that it can access some commands as root. This particular user can login to the server using SSH login through putty any where with in the network. But there is some issue , when the same user is trying from... (4 Replies)
Discussion started by: jegaraman
4 Replies

3. Solaris

Lost Root Password on VXVM Encapsulated Root Disk

Hi All Hope it's okay to post on this sub-forum, couldn't find a better place I've got a 480R running solaris 8 with veritas volume manager managing all filesystems, including an encapsulated root disk (I believe the root disk is encapsulated as one of the root mirror disks has an entry under... (1 Reply)
Discussion started by: sunnyd76
1 Replies

4. Solaris

Solaris 8 - Asks for current root password when trying to change root password.

Hello All, I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies

5. HP-UX

problem in resetting lost root password

I am able to get into single user mode as part of the process of resetting a lost root password, but once I am in that mode, my keyboard no longer works. Any ideas on what's wrong? Without the keyboard, I am stuck. (1 Reply)
Discussion started by: richard46
1 Replies

6. UNIX for Dummies Questions & Answers

I need it to prompt me for a root password, so I don't have to log as root

Hi folks, I'm trying to install a program, and I want to place some of the executables into /usr/bin so that they can be executed from any folder on the computer. I've been giveng the root password, but told never to log in directly as root. Instead, I can wait for a password prompt. However, I... (2 Replies)
Discussion started by: lunchtime
2 Replies

7. Solaris

Resetting forgotten admin password

How do you reset a forgotten administrator password in unix on a Sun Sunblade 100? :mad: (1 Reply)
Discussion started by: mehow
1 Replies

8. Linux

how to access root priveliges if root password is lost

wish to know how to access root password it root password is forgotten in linux (1 Reply)
Discussion started by: wojtyla
1 Replies
Login or Register to Ask a Question