1 of 1 people found this helpful
Below steps should help you to create password reset package for Unix/Linux platforms:-
1. Live browse AIX server
2. Navigatte Unix Users
3. Select any one user and Package it into BLPackage
4. Edit the BLPackage; change the username for which you would like to change the password
5. select action as "Update password" and set the the password; Finally save the BLPackage
Hope this helps your requirement.
thanks for the reply Swapnil it pointed me to the right direction (after writing an NSH script). However, I would like to give this BL job to help desk and do not want them access to the depot package but only on the job. how can you have an insertable field for the user and password on the job?
You can use Local properties in your BLPackage to expose inputs that can be overridden/filled in at Job execution time. That would for example allow you to specify which user you want to update.
The limitation IMO is that you cannot use properties in the password field of the user object, which means you would still need to either hard-code the password in the package or allow your operator to edit the package, which brings you back at the initial situation.
You could possibly use a script instead or if you want to stick to the BLPackage, to write an external command in the package.
A last option would be to use the live browse of the server and right click on the user you want to update.
Olivier, That is exactly what I encountered. I did wrote a one line script with a simple
"echo username:password | chpassword" and have custom fields $$username$$ and $$password$$ however it is failing. i ran the script on a box: test_ch_passwd.nsh <username> <password> and works. i am still scratching my head.
You can use BLPapcakge. Add username and password as Local properties to package. Also you can choose encrypted string for password.
add external command::-
echo ??username??:??password?? | chpasswd
Create a deploy job using this package. Provide username and password in deploy job.
It should also work using NSH Script job . I am not sure whether we get encryped string option in NSH script parameter.
Can you share NSH Script log messages ?
as opposed to using the built-in functionality w/ the 'UnixUsers' object ?
I don't think you can use the built-in user object in conjunction with an encrypted property (any property in fact) for the password. That means you need to hard-code the password into the package as opposed to make it available to update at deploy time.
it works on a standalone AIX server. How about a server or servers using kerberos authentication. Has anybody have a solution via BL package or job?
Can you change a password that’s stored in Kerberos w/ the normal passwd change utilities ?
Unfortunately no. As far as I know manually, you have to go kadmin.local and do: cpw -cp <new password> <username> then do a modprinc -needchange <username/principal>.
wondering if someone has an experience writing up a script to automate above at same time elevate to kadmin.local then run the script within BL.