• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1312
  • Last Modified:

invalid password and stanza

when running this command /usr/bin/pwdck -n ALL I receive this output
3001-402  The user "username" has an invalid password field in /etc/passwd.
3001-414  The stanza for "username" was not found in /etc/security/passwd.
....

I have two questions:
1) What does invalid password mean?
2) What is a stanza and what is the risk of not having a stanza?

Thanks!
0
ralmada
Asked:
ralmada
  • 2
1 Solution
 
woolmilkporcCommented:
Hi,
first of all, this error is not critical!
Invalid password means that the user's password field in /etc/passwd indicates the presence of a password in /etc/security/users, but none is found there, or that the password doesn't adhere to your password rules.
This correlates to your second error. A stanza can be missing if the user was added to /etc/passwd by using an editor and not 'useradd' or 'smitty' and /etc/security/passwd was not changed, too, or if a migration tool was used (perhaps with wrong/missing parameters).
How important is the password of 'username'? If it's tolerable for you to reset it (or have the user reset it), simply use
pwdck -y [username]
This will report the error but fix it as well, by adding a stanza to /etc/security/passwd and resetting the password.
Subsequently it's only necessary for you or the concerned user to set a new password.
If you can do it as root on your own, simply enter
passwd [username]
enter the new password twice and enter
pwdadm -c [username]
which will avoid the requirement to change the password at next login.
If the user needs to get involved, set the password using 'passwd' as said above, but don't run 'pwdadm'. Give the new password to the user and ask them  to login to the system. The  user will then be prompted for a new password. He will have to enter the password he got from you and the new password twice.
That's all!
wmp
0
 
woolmilkporcCommented:
... what is a stanza?
A stanza is kind of a label in a textfile, indicating the begin of a parameter block.
It often takes the form

name1:
       parameter1
       parameter2
       parametern
name2:
       parameter1
       parameter2
       parametern
....
 where 'name...' is called the stanza.
Look at /etc/security/passwd or at /etc/filesystems and you will see!
0
 
ralmadaAuthor Commented:
Very detailed explanation. Thanks!
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now