Setting the first password of a new user remotely 2

[cybtech]

Hi everybody,
I'm near desperate,
I'm looking for a small program that run on Solaris8 that could allow me to change a user's password remotely without having to know the old password. The goal of this is to make a script that creates all the default users i need on new servers remotely as the script runs on an AIX 4.3.3 machine. Does anyone have anything like that in his toolbox?

 

[Clairvoyant1332]

Unless I'm mistaken, if you're logged in as root then the passwd command will allow you to change any user's password without knowing the old one.

 

[cybtech]

Yes i know, but the problem is that it's interactive. I need something like "setpwd -u user -p password". That's what i have for my AIX servers and it works well, i'd like to find its equivalent for Solaris.

 

[bigdaddy01]

You could try
#_>rsh 'server' passwd 'usrname'

If the user all ready exsists if not try

#_>rsh 'server' useradd -d dir -s shell rarara 'usrname'

You could even write a script that does several rsh's.

Tricky one...


P.

 

[cybtech]

Yes i know, i already have the good command that i put into my script to create the users but still nothing to put the default password the same maner...

 

[olded]

cybtech:

Back in Nov, 2001, I discussed Bobby Higgins's setpass.c utility for creating default passwords:

http://www.unixreview.com/documents/s=1344/urm0111f/

1) It was never used on Solaris 8.

2) It was never used remotely

but you might be able to get it to work.

Regards,


Ed

 

[cybtech]

Terrific, that is exactly what i was looking for.
I have a problem though :
I tried it first on the local server (of course) and each time i want to login with the new password for my test user it answers "su:sorry"... Does that ring any bell to you?
Thanks a lot anyway for your help.

 

[olded]

cybtech:

The obvious answer is you receive su:sorry when executing the su command, and entering an incorrect password.

Regards,

Ed

 

[jaytco]

If you are looking for a quick way to reset a password you could use the following. Possible security issue if the user is not going to change it right away
passwd -d -f someuser -d (delete passwd) -f (force user to change it on next login)

You could also use expect.

 

[Annihilannic]

If you know the encoded password entry for /etc/shadow, you could just use sed or something to update it?

If you need to encode it as well, just generate two random characters, for example XY, and pass the first eight characters of the password plus those two characters through /usr/lib/makekey, e.g.

[tt]echo thepasswXY | /usr/lib/makekey[/tt]

And then use sed to add the resultant string to the user's /etc/shadow entry.

Annihilannic.

 

[Clairvoyant1332]

Hey, that's pretty cool! I didn't realize the OS had a built in command to do that... I had written my own version a while ago.

I didn't see any entry for this command in the man pages. Where can I find out about other undocumented goodies like this?

 

[Annihilannic]

That's probably because they don't want us to know about it.

You've come to the right place. ;-)

Annihilannic.