Tag: etrust

Stopping and Starting eTrust Access Control

To stop eTrust Access Control, use secons -s

root@solaris:/ # /usr/seos/bin/secons -s
eTrust secons v5.30 (5.30) – Console Utility
Copyright 2003 Computer Associates International, Inc.
eTrust is now DOWN !!!

To start it, use seload

root@solaris:/ # /usr/seos/bin/seload
eTrust seload v5.30 (5.30) – Loader Utility
Copyright 2003 Computer Associates International, Inc.
eTrust kernel extension is already loaded.
Starting eTrust daemon. (/usr/seos/bin/seosd)
18 Jul 2010 11:59:48> WAKE_UP : Server going up
18 Jul 2010 11:59:48> INFO : Filter Mask: ‘WATCHDOG*’ is registered
18 Jul 2010 11:59:48> INFO : Filter Mask: ‘INFO : Setting PV*’ is registered
18 Jul 2010 11:59:48> INFO : Filter Mask: ‘INFO : DB*’ is registered
18 Jul 2010 11:59:48> INFO : Filter Mask: ‘*seosd.trace*’ is registered
18 Jul 2010 11:59:48> INFO : Filter Mask: ‘*FILE*secons*(*/log/*)*’ is registered
Starting seosd. PID = 8115.
Starting seagent. PID = 8117
Starting seoswd. PID = 8137
seagent: Loading database image…
Executing [daemons] command: /usr/seos/bin/serevu
seagent: Initialization phase completed
Starting serevu. PID = 8141
serevu: Multiple instances of serevu are not allowed.

CA eTrust – Users cannot set their own password via selang

I logged in the server with my user and I became root using su

emerson@solaris:~ $ su –
Password:

I was trying to reset my password but it was giving the error message “Users cannot set their own password via selang”

root@solaris:/ # /usr/seos/bin/selang -c “cu emerson pwasown(changeme) unix”
CA Access Control selang v12.0.1.1262 – CA Access Control command line interpreter
Copyright (c) 2008 CA. All rights reserved.

(localhost)
ERROR: Operation not allowed
ERROR: Users cannot set their own password via selang
(localhost)
Unix :
======
ERROR: Operation not allowed
ERROR: Users cannot set their own password via selang

If you login with the user and try to replace the user’s password it will give this error. You need to login with another user to run the command above.

CA Access Control sepass error message: Password was changed recently, cannot be changed again at this time

When you try to change the password of a user that recently changed its password and the server has the CA Access Control, the change will be denied.

root@solaris:/ # passwd username
CA Access Control sepass v12.0.1.1262 – Password replacement
Copyright (c) 2008 CA. All rights reserved.
Password was changed recently, cannot be changed again at this time.

To force the password change, type the command and change <username> and <password>to the values appropriate to your case

root@solaris:/ # /usr/seos/bin/selang -c “cu <username> pwasown (<password>)”
CA Access Control selang v12.0.1.1262 – CA Access Control command line interpreter
Copyright (c) 2008 CA. All rights reserved.

(localhost)
Successfully updated USER <username>
(localhost)
Native:
===
Successfully updated USER <username>

Login denied by eTrust Security solutions : User Inactivity Time

When you receive the error message “Login denied by eTrust Security solutions : User Inactivity Time”, you need to reenable the user with the senable command

emerson@192.168.1.50’s password:
Login denied by eTrust Security solutions : User Inactivity Time
Connection to 192.168.1.50 closed.

root@solariswithetrust:/ # /usr/seos/bin/senable emerson
senable: user emerson was not revoked by local serevu.
senable: Checking if user emerson is disabled on localhost in UNIX.
senable: User emerson already enabled.
senable: Checking if user emerson is disabled on localhost in eTrust database.
senable: User emerson is already resumed in eTrust.
(localhost)
Successfully connected
INFO: Target host’s version is 5.10b (5.14)
Unix OS info: solariswithetrust SunOS 5.8 11 Feb 2010 14:58:42 BRST
(localhost)
Successfully updated USER emerson

(localhost)
Successfully connected
INFO: Target host’s version is 5.10b (5.14)
Unix OS info: solariswithetrust SunOS 5.8 11 Feb 2010 14:58:43 BRST
(localhost)
Unix :
======
Successfully updated USER emerson

User emerson enabled on localhost.
emersoneTrust sepass v5.10b (5.10) – password replacement
Portions of this product Copyright (c) 1999-2001 Computer Associates International, Inc.
Portions of this product Copyright (c) 1995-2001 Memco Software Ltd., a CA company. All rights reserved.

Changing password for emerson
Enter yours or emerson’s password:
Enter new password:
Verify new password:
Local password updated successfully.

Share this:

Share this:

Share this:

Share this: