Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Error removing and modifying users 1

Status
Not open for further replies.
dl0rd

dl0rd

Programmer
Jul 5, 2004
19
SE
Hi,

I'm going through a AIX(think its version 4.. not sure) box here and I want to remove some users and add some password policies on some of the users.

This is my problem. For some of the users I can modify and remove them without any problem using Smit or Terminal.

But for a couple of users I can't delete and I can't modify.

rmuser gives 3004-696 Error removing...

and chuser gives 3004-692.



pwdck -n gives me no result. usrck -n complains about no nofiles attribute and that I have to add this using chuser. But when I try to do this it fails as describe above.

Please, any help is appriciated.


Thanks!
 
Sort by date Sort by votes
HI,

1.Ensure you are a root user.

2.Try :
usrck –y ALL =Checks for user problems
pwdck –y ALL =Checks for password problems
grpck –y ALL =Checks for groups problems

3.mkpasswd -f =rebuilds the /etc/passwd indexes in case of suspected corruption


Long live king Moshiach !
 
Upvote 0 Downvote
Thanks, I definently have to try the mkpasswd -f.

I was told that the -y ALL option could actually cause more damage for me?
 
Upvote 0 Downvote
Ran all commands as root, still experience the same problems. I really appriciate the help, but do you have any other ideas?

It's really strange that it appears on some users but not on all of them.
 
Upvote 0 Downvote
This is really strange. While running the usrck -y ALL the first time it complained on one user saying that id did not have a nofoles attribute and that I have to set it with chuser.

When running the command a second time, it now says this on all my users.

Does this give you any hints?
 
Upvote 0 Downvote
No, then I still get 3004-696 error removing user.
 
Upvote 0 Downvote
Yes, I've read there before. I'm afraid google can't help me anymore :)

The thing is that I got like 20 users and the group with the mosts users has like 19 members. So that limit shouldn't be the problem here.
 
Upvote 0 Downvote
Try

Code: 
chsec -f /etc/security/limits -s [i]baduser[/i] -a nofiles=2000

Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+

 
Upvote 0 Downvote
it doesn't like my command it tells me that the usage is

-s stanza (what is this?)

instead of username.
 
Upvote 0 Downvote
sorry.. my bad .. forgot -a....tired..
 
Upvote 0 Downvote
Now command works, and usrck doesn't complain anymore.

But I still can't delete the user.
 
Upvote 0 Downvote
Can you post the output of

lsuser baduser

or

lssec -f /etc/security/user -s baduser -a ALL

?

Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+

 
Upvote 0 Downvote
lsuser

username id=227 pgrp=staff groups=staff,printq,catia home=/home/users/username shell=/us
r/bin/ksh login=true su=true rlogin=true daemon=true admin=false sugroups=ALL ad
mgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registr
y=NIS SYSTEM=compat logintimes= loginretries=0 pwdwarntime=0 account_locked=fals
e minage=0 maxage=0 maxexpired=-1 minalpha=0 minother=0 mindiff=0 maxrepeats=8 m
inlen=0 histexpire=0 histsize=0 pwdchecks= dictionlist= fsize=2097151 cpu=-1 dat
a=262144 stack=65536 core=2048 rss=65536 nofiles=2000 roles=
 
Upvote 0 Downvote
lssec

username login=true su=true rlogin=true daemon=true admin=false sugroups=ALL admgrou
ps= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 logintimes=
loginretries=0 pwdwarntime=0 account_locked=false SYSTEM="compat" registry=NIS m
inage=0 maxage=0 maxexpired=-1 minalpha=0 minother=0 mindiff=0 maxrepeats=8 minl
en=0 histexpire=0 histsize=0 pwdchecks= dictionlist= dce_export= maxulogs= uacti
vity= utocount=
 
Upvote 0 Downvote
You said you weren't sure what level your AIX was. Please run "oslevel -r" to check. If it complains that the "-r" flag is unknown, run it without it.

Also, do all of your users have registry=NIS?


Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+

 
Upvote 0 Downvote
oslevel -r shows 4330-09

no, another user had registry=files


Thanks for helping me out, I really appriciate it.
 
Upvote 0 Downvote
To be clear, was the user with registry=files one of the ones that you couldn't remove?


Rod Knowlton
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

E
  • Locked
  • Question
What are reservations and how do you set them?
Replies
0
Views
568
emze
E
E
  • Locked
  • Question
AIX Power5 on 5.3- On varyonvg error "cannot be varied on because no good copies of the descriptor area"
Replies
1
Views
657
JenLM
J
jkc2023
  • Locked
  • Question
AIX TL and SP upgrade
Replies
0
Views
754
jkc2023
jkc2023
Dan Gaeta
  • Locked
  • Question
Power 740 and HMC
Replies
1
Views
678
pa2nc
pa2nc
vipermaus
  • Locked
  • Question
IBM 615-6C3 Fans missing fault (1011 7620 and 1011 7611)
Replies
0
Views
368
vipermaus
vipermaus

Part and Inventory Search

Sponsor

Back
Top