SUMMARY: Help Account Problem.

From: Taeko Thompson (thompson@wizards.com)
Date: Tue Jan 23 1996 - 13:35:18 CST


Thank you very much for the replay to my silly mistake problem.
I should have been more carefull when I made the account.
Reto is the one reminded me the problem. The account name had more the 8
characters(It had 9 characters). It looked like it consisted of 8
characters to me when I made tha account (I could not do math). Anyway
I received many many useful answers for this kind of problem from other
people, too. And again, thank you

Original:

We are using SS10 with SunOS4.1.3_U1. We have about 300 accounts on the
system. One of the account I created on the system recently is behaving very
odd. I can use "su - account_name" to switch to the account using the
account passwd, but I can not use "telnet" or "rlogin" to
login to the system using the account. How come "su" works, but
"telnet/rlogin" do not work for the account? Other accounts on the
machine work fine with "telnet/rlogin".
Any help will be appriciated.

Answer received:

From: Randy Grimshaw <rgrimsha@mailbox.syr.edu>
-----------------------------------------------

Taeko:
  I can think of only two far flung ideas ... but here they are for your
amusement. Solaris will not allow a root equivalent user to telnet or
rlogin directly-- check that the uid is passwd is not 0. Solaris will
allow the root user (or someone su'd as root) to su to any account even
if the passwd file has a disabled password entry -- check the passwd.
Good Luck.
<><Randall

From: Andrew Lamb <andrew@mis.mua.go.th>
----------------------------------------

Check the gid field of the entry in /etc/passwd for that user. If their
group id is not correct, then they might not be able to use some commands
which are available to other users.

Also check that there are no typographical errors in the /etc/passwd line
that comes BEFORE that user entry. If there are errors in that line, then
the fields in the following lines might be interpreted incorrectly.

From: "Christopher L. Barnard" <cbarnard@cs.uchicago.edu>
---------------------------------------------------------

su does not read the .login file. If the user has a .login file that
is somehow disabling connections, you won't know if you're using su.
Take a look at that file and see what its doing wrong...

From: Reto Lichtensteiger <rali@meitca.com>
-------------------------------------------

How long is the account name? I have found (and Sun confirms) that at
least in the case of in.rlogind the bounds checking for the username
array is flawed, so you aren't able to connect because the first couple
o' characters of the password get stomped on. More than 8 charactes is a
bad thing ...

From: "Andrew F. Mitchell" <afm@snitch.biotech.ufl.edu>
-------------------------------------------------------
Maybe there is a problem with the shell. Is the problem account running
the same shell as everyone else? Are permissions for the specified
shell accessible for the user? Is the shell in /etc/shells?

These are kind of simple things to check so they may not be useful...

Good luck finding your problem

Andy

From: Jason Pong <jase@lochard.com.au>
--------------------------------------

Checked the shell? I dont think su actually fires up the shell in the passwd
file... I may be wrong though. Something worth trying?



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:51 CDT