Many Thanks to the following people
Frank Wortner" <frank_at_bondnet.com
John Ferlan <ferlan_at_zk3.dec.com
Who enlightened me that setting the C2 security on in rc.config level (using
rcmgr) and rebooting is not sufficient enough to migrate all my user
account information from BASE to ENHANCED. After running the
/usr/sbin/secsetup to do the conversion, everything goes well.
Attached are the responses and my original question.
From: "Frank Wortner"
Setting the level in rc.config and rebooting is not sufficient to actually
migrate user account information. You should have run /usr/sbin/secsetup to
do the conversion. This program runs convuser and several other programs
for you. If you didn't, then you should probably just run secsetup or, if
you want to run convuser by hand, try
convuser -a
FYI, you were correct to change the SECURITY parameter to ENHANCED in
capital letters. The system security start up script
(/sbin/init.d/security) only looks for the word "ENHNANCED", so it wouldn't
see a lowercase "enhanced."
If I were you, I would just run secsetup and reboot. Doing a backup
beforehand wouldn't be a bad idea.
>From John Ferlan
The '*' in the /etc/passwd file is expected - passwords are now stored in
the /tcb/files/auth.db database. In order to "see" this, use
"/tcb/bin/edauth -g |more". edauth can also take a "parameter" - that being
the specific user. You will "see" the encrypted password in the "u_pwd="
field.
When you ran the 'secsetup' procedure it ran 'convuser' for you, so you do
have to do that...
Original Question:
Hi Managers,
I recently setup my new test server to simulate the upcoming upgrade that
I'll be doing. Simulations includes swapping of server, upgrade from 4.0B to
4.0D, web and Oracle upgrade etc etc.
I've done the following for my new test server:
1. Install 4.0B
2. Create users, groups on command line
3. Turn on C2 security
After turning the C2 security, I checked using the rcmgr but it gives me a
small case "enhanced". I did also checked the /etc/rc.config config but its
the same small case.
I also checked the /etc/passwd but it shows that the password is not
encyrpted?? (*). Now Im confused, I know it shold not be this way but I dont
know what's wrong with the procedure that I've done.
rcmgr set SECURITY ENHANCED
reboot the server
I already upgraded to 4.OD but I dont want to proceed with the next task
till I get your advice.
Im also thinking to use the convuser (though I have'nt tried it before). So,
any advise is highly appreciated.
Thanks,
Jasmine Sanderz
Unix and Oracle Administrator
______________________________________________________
Get Your Private, Free Email at
http://www.hotmail.com
Received on Tue Jul 13 1999 - 15:50:29 NZST