Changing Password for Newly Created User

mikesung99
mikesung99 used Ask the Experts™
on
Hi,

We've recently inherited a Sparc SOlaris 8 system and we need to create new users on the system. We have root access and we've tried to create the user using the following syntax:-

useradd -d /export/home/testuser -c "TestUser" testme

The User appears to have been created without any issues but then (as the root user) I try to change the password by using:-

passwd testme

but then instead of the expected "New Password:" prompt, I get the "Password:" prompt which suggests that either the user hasn't been created properly or I can't for some reason change the password for the user.

I tried to login as root and then "su - testme" and this is ok but when I try to do passwd inclar again, it's still the same issue.

Anyone have any ideas on what I can check or do to create a user in this case - I tried to use the -p option in useradd but this causes a problem in creating the user. Alternativly, Is there a default password that's assigned when useradd creates the user?

Thanks

Michael
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
Thanks for the links - I've checked them through and specified the User and Group ID and this seemingly lets me create the account. However, when I then try and do passwd for the newly created user I still get the "Password:" prompt instead of the "New Password" prompt.

Does this mean that the account I created isn't recognised by the system (as when I try to do passwd on a non-existent account, I get the same "Password:" prompt being rerturned). As such, how can I check to verify that the account has indeed been created proplerly? I thought that if I could "su - xx" then that means it's been created ok but am I missing somthing?



Thanks

Michael

Commented:
Your account is recognized by the system.
Go on .
Create password (don't bother about new password prompt) and then test it.

Please let me know the result.
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

Author

Commented:
Sorry I don't quie understand - can you clarify about how I would create the password?

What I've tried so far is passwd testme and I get the following results:-

System(root)# passwd tesme
Password:
passwd: Sorry, wrong passwd
Permission denied

However, I notice that if I try to change the password on a non-existent user (e.g. blahblahblah) I still get the same result (eventhough I would expect that the system will tell me that the user doesn't exist...)

System(root)# passwd blahlahblah
Password:
passwd: Sorry, wrong passwd
Permission denied

Thanks

Michael

Commented:
Try to login to the newly created account using blank password.

After login type passwd on shell.

I think it will help.Also, please let me know the result.
Brian UtterbackPrinciple Software Engineer

Commented:
What naming service are you using? What does the passwd line of the /etc/nsswitch.conf file say? What does the do all the line that begin "passwd" or "other" say in the /etc/pam.conf file? (Actually, just check that the pam.conf file hasn't been changed. If it hasn't then we don't need to see the actual values)  Can you post the relevant lines from the /etc/passwd and /etc/shadow files?

Author

Commented:
I've tried to login to the newly created user with a blank password but that didn't work. I've also tried to change the password by switching users (su - testme) and the running the passwd but this just attempts to change the password for root.

Here's the info from the specific files:-

/etc/nsswitch.conf
       passwd:    files

/etc/pam.conf
        passwd  auth  required /usr/lib/security/$ISA/pam_unix.so.1

/etc/passwd
        testme:x:1010:1::/export/home/testuser:/bin/sh

/etc/shadow
        testme:*LK*:::::::

Since we inherited the system, I'm unsure if the /etc/pam.conf was changed from when Solaris was first installed.

Thanks

Michael



Brian UtterbackPrinciple Software Engineer

Commented:
Okay, this shows that the account does not actually have a passwd assigned, it is locked and thus the only way to login to it
is via the su as root method.

So, to fix this, run these commands:

passwd -d testuser
passwd testuser

Author

Commented:
I've tried the commands but I get the following output:-

System(root)# passwd -d testme
Password:
passwd: Sorry, wrong passwd
Permission denied
System(root)# passwd testme
Password:
passwd: Sorry, wrong passwd
Permission denied

It just seems that passwd always needs a password entered before you can do anything.....

Michael
Principle Software Engineer
Commented:
Okay, I think you have a problem with your pam.conf file. The original pam.conf file that shipped with Solaris 8 FCS did not have a line for passwd in it. Later, it was patched to add a line that looked like this:

passwd  auth required           pam_passwd_auth.so.1


So, you have a passwd line that isn't the same as this one, so you have neither.

Author

Commented:
Thanks for all the info - I'm still not sure what's causing this issue as I've checked on another solaris system where the pam.conf file is exactly the same in terms of the passwd parameter but that system is anle to run passwd without any problems.

I've managed to work around this issue by editing the /etc/shadow file directly and assigning the same encrypted password as for root (the password that I know). I can then log in as the user (testme) and then I can run the passwd to change the password as I now know what the password is.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial