SUMMARY: "Un-retiring" Retired C2 Accounts from Rebecca Olsen on 2001-02-28 (tru64-unix-managers)

From: Rebecca Olsen <rolsen_at_solucient.com>
Date: Tue, 27 Feb 2001 16:01:12 -0800

Thanks very much to Michael Bucholtz, Ann Majeske, Pat O'Brien, and Hoai
Tran!

We were successful in our mission using Michael's VERY helpful procedure
below. Our only issue was that "edauth accountname" kept giving us the
following:

        "/tmp/edaaaryBa" 4 lines, 313 characters
        :

instead of giving us something to clearly edit, such as what you would see
with an "edauth -g accountname".

The man page for edauth not so clearly explains that one could then edit
this temp file, but we couldn't immediately figure out how. So, due to a
time crunch...my co-worker set up a perl script to get around it:

[start script]
#!/usr/local/bin/perl

$edauth = '/usr/tcb/bin/edauth';
$USERNAME = $ARGV[0] ;

open(FROMEDAUTH, "$edauth -g $USERNAME |") || die "Failed to run edauth -g:
$!"
;
        open(TOEDAUTH, "| $edauth -s") || die "Failed to run edauth -s: $!"
;

        while(<FROMEDAUTH>)
        {
        print "$_ ";
        s/:u_retired//; #

        print TOEDAUTH $_;
        }

close(TOEDAUTH);
close(FROMEDAUTH);

open(FROMEDAUTH, "$edauth -g $USERNAME |") || die "Failed to run edauth -g:
$!"
;
        while(<FROMEDAUTH>)
        {
        print $_;
        }
close(FROMEDAUTH);
[end script]
-------------
Thanks all,

Rebecca Olsen
Systems Administrator
Solucient LLC
rolsen_at_solucient.com

-----Original Message-----
From: Michael Bucholtz [mailto:mbucholtz_at_ceiss.org]
Sent: Tuesday, February 27, 2001 1:01 PM
To: 'Rebecca Olsen'
Subject: RE: "Un-retiring" Retired C2 Accounts

Hiya,

You can use edauth to do this:

login or su as root
cd /usr/tcb/bin
./edauth accountname
Look for the line that has :u_retired
remove the part :u_retired
save the record
edit the passwd file to remove 'Retired' from the accountname entry
re-create the user's home directory (cp the /usr/skel directory so there is
a .profile, .login etc); or restore the user's old home directory
make sure permissions are OK on the users' home directory
assign a new password
test by logging in.

Hope this helps
Michael

> -----Original Message-----
> From: Rebecca Olsen [mailto:rolsen_at_solucient.com]
> Sent: Tuesday, February 27, 2001 11:46 AM
> To: Tru64-Unix-Managers (E-mail)
> Subject: "Un-retiring" Retired C2 Accounts
>
>
> Once a C2 security account has been retired, is there a way
> to unretire it?
>
Received on Wed Feb 28 2001 - 00:02:23 NZDT

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:41 NZDT