戻る
-
タイトル
Issue resetting passwords on HPUX after upgrade to 2.5.915 -
説明
After installing 2.5.915, password resets fail on HP trusted systems using the "HP-UX" platform.
The "Reset Password" logs show[MM/DD/YY HH:MM:SS] Passwd successfully changed...[MM/DD/YY HH:MM:SS] Password:Error changing password -
原因
2.5.915 included BFER 5193 "For the HP-UX platform, locked accounts will be unlocked during a password change". When the functional account does not have permissions to /usr/lbin/modprpw the password reset works, but TPAM believes it has failed.. -
対策
WORKAROUND 1
Add rights to the functional account to run modprpw.
For example, add the below to the sudoers file
funcacct ALL=(root) NOPASSWD: /usr/lbin/modprpw
WORKAROUND 2
Install Hotfix_8168Hotfix_8168.zipv2.5.904-2.5.915Update HP Trusted Platform to not fail password change when unlock fails.Key:Xpce8w1ockOption/genkeySTATUS
Issue fixed in version 2.5.916. The latest version of TPAM can be downloaded here -
変更要求
BFER 8168 -
追加情報
Unlock Locked Accounts For the HP-UX (trsuted) platform, locked accounts will be unlocked by TPAM when making a password change. To unlock an HP-UX account (during a password reset) TPAM has the functional account issue the command /usr/lbin/modprpw. If using delegation prefix the functional account must have permissions to execute the command, otherwise the password reset will fail.