PS.如果連root 都被鎖住, 須從console線連過去.進入single user mode (CALL HP 工程師 SUPPORT)
HP UX 11.23 解鎖的方法(密碼嘗試錯誤被鎖住)
/usr/lbin/modprpw -k root
HP UX 11.31 解鎖的方法
userdbset -d -u root auth_failures
P.S.
如果系統已經是trusted system , 則無法用userdbset 指令
需先disable trusted system:
To unconvert the trusted system with the following command:
# /usr/lbin/tsconvert –r
To convert the system into trusted system the command is :
# /usr/lbin/tsconvert
---
以下為可能遇到的問題
Case 1 (policy 限制 幾天內無法再修改密碼 )
$ passwd
Changing password for oracle
Old password:
$ passwd
Changing password for oracle
Old password:
Last successful password change for oracle: Mon Jul 23 14:16:30 2012
Last unsuccessful password change for oracle: Thu Jul 26 11:20:55 2012
Password cannot be changed. Reason: minimum time between password changes.
$
Sol ==>
# /usr/lbin/getprpw -l oracle
uid=105, bootpw=NO, audid=15, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1,
spwchg=Mon Jul 23 14:16:30 2012, upwchg=Thu Jul 26 11:20:55 2012, acctexp=-1, l
log=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1,
syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Thu Jul 26 11:20:49 2012, ulogint=
Thu Jul 26 11:20:25 2012, sloginy=pts/tc, culogin=-1, uloginy=pts/tc, umaxlntr=-
1, alock=NO, lockout=0000000
/usr/lbin/modprpw -m mintm=0 oracle
以passwd 改完oracle密碼後再改回:
/usr/lbin/modprpw -m mintm=-1 oracle
Verify: # /usr/lbin/getprpw -l oracle
uid=105, bootpw=NO, audid=15, audflg=1, mintm=0, maxpwln=-1, exptm=-1, lftm=-1,
spwchg=Thu Jul 26 11:30:08 2012, upwchg=Thu Jul 26 11:28:46 2012, acctexp=-1, ll
og=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1,
syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Thu Jul 26 11:20:49 2012, ulogint=T
hu Jul 26 11:20:25 2012, sloginy=pts/tc, culogin=-1, uloginy=pts/tc, umaxlntr=-1
, alock=NO, lockout=0000000
Case 2 : 修改最大失敗retry password 次數
# umaxlntr maximum unsuccessful login tries
/usr/lbin/getprpw -m umaxlntr -l root
/usr/lbin/modprpw -m umaxlntr=-1 root
/usr/lbin/getprpw -m umaxlntr -l root
Ref:
http://h20000.www2.hp.com/bc/docs/support/SupportManual/c02254042/c02254042.pdf
P.S.
如果系統已經是trusted system , 則無法用userdbset 指令
需先disable trusted system:
To unconvert the trusted system with the following command:
# /usr/lbin/tsconvert –r
To convert the system into trusted system the command is :
# /usr/lbin/tsconvert
---
以下為可能遇到的問題
Case 1 (policy 限制 幾天內無法再修改密碼 )
$ passwd
Changing password for oracle
Old password:
$ passwd
Changing password for oracle
Old password:
Last successful password change for oracle: Mon Jul 23 14:16:30 2012
Last unsuccessful password change for oracle: Thu Jul 26 11:20:55 2012
Password cannot be changed. Reason: minimum time between password changes.
$
Sol ==>
# /usr/lbin/getprpw -l oracle
uid=105, bootpw=NO, audid=15, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1,
spwchg=Mon Jul 23 14:16:30 2012, upwchg=Thu Jul 26 11:20:55 2012, acctexp=-1, l
log=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1,
syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Thu Jul 26 11:20:49 2012, ulogint=
Thu Jul 26 11:20:25 2012, sloginy=pts/tc, culogin=-1, uloginy=pts/tc, umaxlntr=-
1, alock=NO, lockout=0000000
/usr/lbin/modprpw -m mintm=0 oracle
以passwd 改完oracle密碼後再改回:
/usr/lbin/modprpw -m mintm=-1 oracle
Verify: # /usr/lbin/getprpw -l oracle
uid=105, bootpw=NO, audid=15, audflg=1, mintm=0, maxpwln=-1, exptm=-1, lftm=-1,
spwchg=Thu Jul 26 11:30:08 2012, upwchg=Thu Jul 26 11:28:46 2012, acctexp=-1, ll
og=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1,
syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Thu Jul 26 11:20:49 2012, ulogint=T
hu Jul 26 11:20:25 2012, sloginy=pts/tc, culogin=-1, uloginy=pts/tc, umaxlntr=-1
, alock=NO, lockout=0000000
Case 2 : 修改最大失敗retry password 次數
# umaxlntr maximum unsuccessful login tries
/usr/lbin/getprpw -m umaxlntr -l root
/usr/lbin/modprpw -m umaxlntr=-1 root
/usr/lbin/getprpw -m umaxlntr -l root
Ref:
http://h20000.www2.hp.com/bc/docs/support/SupportManual/c02254042/c02254042.pdf
沒有留言:
張貼留言