Missing Secure-RPC password

Posted on 2006-03-30
Last Modified: 2013-12-27

I had a user who forgot a password.  After changing it, when you log in with
that username, you get a message saying "Password does not decrypt secret key "

When you try to change the key with chkey -p, it asks for the old Secure-RPC password,
which of course no one knows.

Now, I think I can just use "nisclient -c -o username" and enter in the new password,
but I wanted to get a second opinion before I went off and did this.
Question by:Patrick_Baldwin
    LVL 38

    Expert Comment

    After login, the user must run keylogin to get their credentials.

    man keylogin
    to learn more details.

    If you still have problem, please let use know if you are using NIS or NIS+.

    Author Comment

    keylogin also requires the old password- the problem is that the user forgot
    said old password, which is why I'm changing it.

    As far as I can tell, we're using NIS+
    LVL 38

    Accepted Solution

    If you don't know the user's password, you need to login as root to the NIS+ master server and change the user's password, here's the procedure:
    (please remember to replace "user_name" with the read login name of the user
    $USRID with the UID of the user)

    1) reset the passwd
       nispasswd user_name
    2) update NIS+  credentials
        nisaddcred -r user_name.`domainname` `domainname`

        nisaddcred -p unix.${USRID}@`domainname` -P user_name.`domainname`. des

         nisaddcred -p ${USRID} -P user_name.`domainname`. local

         man  nisaddcred
         to learn more details

    3) type in:
        man nisping
        to learn more deatils.

    4) wait for a few minutes (it depends on your network), the user should have no
        problem to login to the nis+ clients.
       Also have a look at the NIS+ FAQ:
       keep a copy handy, it can help you for most of your NIS+ problem.


    LVL 7

    Expert Comment

    No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
    I will leave the following recommendation for this question in the Cleanup topic area:

    Accept: yuzh

    Any objections should be posted here in the next 4 days. After that time, the question will be closed.

    EE Cleanup Volunteer
    LVL 38

    Expert Comment

    For NIS+ the correct answer is http:#16388055

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Join & Write a Comment

    When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
    Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now