Tag: unlock

Linux denying user access after reseting password

Depending of how you configured your Linux server, the Pluggable Authentication Module (PAM) won’t let you login.

To check the login attempts to see if it needs to be reset type faillog -u <username>

root@linux:~ # faillog -u username
Username Failures Maximum Latest
<username> 15 0

Reset the counter with the -r flag

root@linux:~ # /usr/bin/faillog -r username
Username Failures Maximum Latest
<username> 0 0

If you’re root but is not managing to become a user with su, you also need to reset the login counter

root@linuxserver ~ # su – username
su: incorrect password

root@linux:~ # /sbin/pam_tally —-user username —-reset
User <username> (685) had 36

root@linux:~ # su – username
username@linux:~ $

For RHEL 6, it uses pam_tally2

root@rhel64:~ # /sbin/pam_tally2 —-user username —-reset
Login Failures Latest failure From
username 9 02/13/14 09:22:10 /dev/pts/1

root@rhel64:~ # /sbin/pam_tally2 —-user username —-reset
Login Failures Latest failure From
username 0

Can’t login HP-UX

This time is a tip to enable a user account if your system uses password aging or the user was locked out due to the unsuccessful login attempts.

login: user
Password:
Account is disabled – see Account Administrator

To enable a locked or disabled HP-UX account, run the command:

root@hp-ux:~ # /usr/lbin/modprpw -l -k <username>

root@hp-ux:~ # /usr/lbin/getprpw user
uid=340, bootpw=NO, audid=461, audflg=1, mintm=7, maxpwln=-1, exptm=0, lftm=-1, spwchg=Sat Aug 29 09:21:26 2015, upwchg=-1, acctexp=-1, llog=-1, expwarn=7, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Sat Aug 29 09:56:15 2015, ulogint=Sat Aug 29 09:42:41 2015, sloginy=-1, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=0000000

Can’t login into AIX

3004-303 There have been too many unsuccessful login attempts; please see the system administrator

If your user can’t login and is receiving this error message, you need to reset his unsuccessful login attemps in the user’s account.

Check his unsuccessful login counter with lsuser

root@aix:/ # /usr/sbin/lsuser -a unsuccessful_login_count <username>
username unsuccessful_login_count=4

Then reset the counter with chsec

root@aix:/ # /usr/bin/chsec -f /etc/security/lastlog -a unsuccessful_login_count=0 -s <username>

Share this:

Share this:

Share this: