Hi everybody I receive just 3 answers, thanks to Martin Mokrejs, Roy
Gregory and Eric Jon Rostetter, the first two gave me the answer using
the command usermod, anyway I will put all them here for future
reference, first my question:
Hi everybody, I have an AlphaServer with DU 4.0b and C2 installed, and I
need to convert their passwords to BASE security, so I can take the
/etc/passwd and use it in some other machine (for radius purposes) so I
won't need to give the users new passwords.
I am using another alphaserver and I restaured a backup on it so it
looks almos identical to the first one. With things in this way, I run
the /usr/tcb/bin/convuser -b command and the system starts to convert
users, everything works fine, except for some users that appear with the
word Nologin as their password, I checked them with the XIsso utility
and it claims that those users are locked, so I checked it with the
/usr/tcb/bin/edauth command and the only thing I could find faulty of
this is that the users have a lot of unsuccessful logins, always more
than the default, so I raised the default tries, but the accounts are
still blocked.
The problem affects almost 500 users and I don't want to use the XIsso
GUI to unlock their accounts to have a successful passwords conversion,
because this application takes too long, almost 30 seconds for each
user, so I want to know if someone knows a better way to do this
conversion or how to unlock all those accounts with a shell script from
a character terminal.
The answers were:
1) Martin Mokrejs :
> run edauth and insert he followind entry:
>
> :u_lock_at_:
>
> If there's :u_lock:, change it to the above, or siply add it to one of the two
> lines.
>
> You can also decrease the nember of failures field, but it's not necessary I hope.
>
> --------------
> Although, you could do also:
> root_at_prfdec# more /usr/local/sbin/userlock
> #!/bin/sh
> usermod -x administrative_lock_applied=1 $1
> root_at_prfdec# more /usr/local/sbin/userunlock
> #!/bin/sh
> usermod -x administrative_lock_applied=0 $1
> root_at_prfdec#
>
> Bye
> Martin
>
2) Roy Gregory, All you need to do is to generate a script containing
the following
line for each locked user:
usermod -x administrative_lock_applied=0 username
3) Eric Jon ROSTETTER:
We use a package called zuausr from the University of Alaska which
contains many neat command-line c2-capable packages. One is called
user_unlock and can be used to unlock accounts. That's how I would
do this. Don't know how long it would take you to download zuausr,
install it, configure it, etc. though, so don't know if it would really
save any time. But I highly recommend the package anyway.
Again thanks a lot for your help.
Leonardo Mosquera
System Manager
Internet Telecom
Colombia
Received on Mon Sep 28 1998 - 20:34:46 NZST