Solved

Centos5 user locked out

Posted on 2012-03-12
9
331 Views
Last Modified: 2012-03-12
Hey there,

Centos5 noob.  

I have a user who isn't able to log on to the domain.  I reset his password and he still isn't able to login.  I'm assuming that he's been locked out due to a lockout policy.  

How do I reset his user so he's not locked out.  I would need to do it via command line since the GUI users and groups application won't open (it prompts me for root credentials and then just doesn't open).

ANy help will be greatly appreciated.
0
Comment
Question by:ttist25
  • 5
  • 4
9 Comments
 
LVL 31

Accepted Solution

by:
farzanj earned 500 total points
Comment Utility
Use the following command

chage -l

This will show you if it is locked.

Also, you can get the entries of this user in /etc/passwd and /etc/shadow files.  If there is a ! in front of the password hash of this user, you will have to get rid of it.
0
 
LVL 1

Author Comment

by:ttist25
Comment Utility
Thanks Farzanj,

The output for chage -l is as follows:

Last password change: Mar 12, 2012
Password expires: never
Password inactive: never
Account expires: never
Minimum number of days between password change: 0
Maximum number of days between password change: 999999
Number of days warning before password expires: 7

Does this indicate that he's not locked out?
0
 
LVL 31

Expert Comment

by:farzanj
Comment Utility
Run the command
grep "userID" /etc/passwd
grep "userID" /etc/shadow

Just change the userID info but show the rest of it.
0
 
LVL 1

Author Comment

by:ttist25
Comment Utility
/etc/passwd:
myuser:x:503:100:user name:/home/myuser:/bin/bash

/etc/shadow:
myuser:$1$F25D5MBJ$kxpeSQXqsg2bVxtxf84sul:15411:0:99999:7:::

thanks again
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 31

Expert Comment

by:farzanj
Comment Utility
It looks fine.

Now here is how I would troubleshoot it.

1.  As root, try to su - to this user.

#whoami
root
#su - myuser
whoami
myuser

Successful?

2.  Open another console and try to log on directly to this user without using root.
Successful?

If not, change the password hash in /etc/shadow file.
I generated hash for password "password"

# grub-md5-crypt
Password:
Retype password:
$1$75nSY0$khv7ghFoAEHjIOtztHbqv0

myuser:$1$75nSY0$khv7ghFoAEHjIOtztHbqv0:15411:0:99999:7:::

And try to log on.  Success?

3.  Is the user trying to log on remotely?  Using ssh?  He may be restricted in ssh.

4.  Are you by any chance using LDAP for user authentication?
0
 
LVL 1

Author Comment

by:ttist25
Comment Utility
I am able to su to myuser and also to ssh as myuser without trouble.

The user is trying to log on to the samba domain from a windows7 pro computer.  He has done this successfully (as have other users) without issue for over a year.  The win box went down over the weekend for an automatic update and he's not been able to login since.  

I had him verify that he's loging in as domain\myuser but still no joy.  

Any other ideas?
0
 
LVL 31

Expert Comment

by:farzanj
Comment Utility
Oh, then it is a totally different issue.  It is related to Samba now.  On windows side he lost something.  You will have to check the windows part.
0
 
LVL 1

Author Closing Comment

by:ttist25
Comment Utility
Thanks again.
0
 
LVL 31

Expert Comment

by:farzanj
Comment Utility
Good luck.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now