반품
-
제목
Issue resetting passwords on HPUX after upgrade to 2.5.915 -
설명
After installing 2.5.915, password resets fail on HP trusted systems using the "HP-UX" platform.
The "Reset Password" logs show[MM/DD/YY HH:MM:SS] Passwd successfully changed...[MM/DD/YY HH:MM:SS] Password:Error changing password -
원인
2.5.915 included BFER 5193 "For the HP-UX platform, locked accounts will be unlocked during a password change". When the functional account does not have permissions to /usr/lbin/modprpw the password reset works, but TPAM believes it has failed.. -
해결 방안
WORKAROUND 1
Add rights to the functional account to run modprpw.
For example, add the below to the sudoers file
funcacct ALL=(root) NOPASSWD: /usr/lbin/modprpw
WORKAROUND 2
Install Hotfix_8168Hotfix_8168.zipv2.5.904-2.5.915Update HP Trusted Platform to not fail password change when unlock fails.Key:Xpce8w1ockOption/genkeySTATUS
Issue fixed in version 2.5.916. The latest version of TPAM can be downloaded here -
변경 요청
BFER 8168 -
추가 정보
Unlock Locked Accounts For the HP-UX (trsuted) platform, locked accounts will be unlocked by TPAM when making a password change. To unlock an HP-UX account (during a password reset) TPAM has the functional account issue the command /usr/lbin/modprpw. If using delegation prefix the functional account must have permissions to execute the command, otherwise the password reset will fail.