Essence of the original problem:
> I created a new account using useradd and usermod. The entry for this
> account in /etc/password is consistent with all the other (working)
> accounts. I set the password with passwd. I tried to log in; no joy. I
> did a usermod -x administrative_lock_applied=0; that didn't have any
> effect.
>
> What more do I need to do to enable this account (from the command
> line)? And also, is there a way to tell from the command line whether
> or not an account is disabled?
/tcb/bin/edauth is the magic tool. It can list and edit the authcap
database that comes along with Enhanced Security.
I got several pointers stating that a value of :u_lock: meant the
account
was disabled and :u_lock_at_: meant is was enabled.
Well, I suspect my problem was that neither of these was in the record
for my new user! So I compared a known working user against my new
user and added :u_lock_at_: in the appropriate position. I also had to
decrement the u_numunsuclog field down to something reasonable
(from 8 to 1). Then I was able to login.
This behavior could correspond to one tidbit I received from Toni
Harbaugh-Blackford <harbaugh_at_ncifcrf.gov>:
> What version of DU4.0 are you running? This is actually a bug that
> has been fixed as of 4.0D PK2.
> You can stop this from happening - *without* installing the patch kit.
> Immediately after changing the password for the user, run edauth and
> remove the 'u_pwchanger' field.
I didn't do what Toni said, but noticed that once I was able to login,
the u_pwchanger field was removed from the user's record. So, this
could be a known bug.
A great, big THANKS (in no particular order) to:
Andrew Busch <a.busch_at_qut.edu.au>
Rober Mulley <robert_at_gnsconsulting.com.au>
Marie-Claude Vialatte <mc.vialatte_at_cust.univ-bpclermont.fr>
Toni Harbaugh-Blackford <harbaugh_at_ncifcrf.gov>
Piotr Bienias <bienias_at_ae.katowice.pl>
Gordon Lawson <gordon.lawson_at_uk.akzonobel.com>
Regards,
Jon
--
Jon Wright
Unified Information, Inc.
voice: 425-814-4019
fax: 425-814-4001
mailto:jon.wright_at_ui.com
Received on Fri Jul 02 1999 - 16:29:10 NZST