All Forums |
Register |
Login |
Search |
Subscriptions |
My Profile |
Inbox |
Tool Warehouse |
FAQs |
Resources |
Help |
Member List |
Address Book |
Logout |
|
|
shell set in usercomment, user cannot login anymore
|
Logged in as: Guest |
Users viewing this topic: none |
|
Login |
|
|
shell set in usercomment, user cannot login anymore - Aug. 22, '06, 7:19:50 PM
|
|
|
ehall
Posts: 31
Joined: May 29, '05,
Status: offline
|
Tried to set the login shell for a user, chsh crapped out of course, so I just did it manually with "net user $username /usercomment:"/usr/local/bin/bash" /domain" and now the user can't login. In telnet (simple) the error is "Login incorrect". Nothing shows up in the security eventlog.
All users are in the Domain Users group, which is a member of the Telnet Users group, which has the locallogin priv. The user was able to login up until I set the usercomment attribute, now he can't.
Tried reversing the change with /usercomment: but no go (it's empty, but still can't login).
Did setting the attribute with admin account set security on the attribute maybe?
|
|
|
RE: shell set in usercomment, user cannot login anymore - Aug. 22, '06, 10:45:02 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
> ... chsh crapped out of course ...
How exactly? What was the error message?
Which user was trying to do the change?
This can help to get a fix (if needed) for a future version.
What does it show exactly for the value in the usercomment ?
Is this shell listed in the file /etc/shells ?
|
|
|
RE: shell set in usercomment, user cannot login anymore - Aug. 23, '06, 12:09:33 PM
|
|
|
ehall
Posts: 31
Joined: May 29, '05,
Status: offline
|
Actually this is only happening with a couple of accounts and I don't know why. They look the same to me as any other account.
>> ... chsh crapped out of course ...
>
> How exactly? What was the error message?
> Which user was trying to do the change?
> This can help to get a fix (if needed) for a future version.
If the user tries to change it themselves they get STDERR output. Here is user "jon" trying to change his shell:
| $ chsh /usr/local/bin/bash
| chsh: /usr/contrib/win32/bin/net USER jon /USERCOMMENT:"/usr/local/bin/bash" /DOMAIN > /dev/null 2>&1
This is the direct output from using the command directly
| $ net user jon /usercomment:"/usr/local/bin/bash" /domain
| System error 5 has occurred.
|
| Access is denied.
Doing it with administrator works okay:
| $ net user jon /usercomment:"/usr/local/bin/bash" /domain
|The command completed successfully.
The "jon" account now gets the right shell
A couple of other accounts are refused access tho. Maybe they are locked out, I'll look at that.
|
|
|
RE: shell set in usercomment, user cannot login anymore - Aug. 23, '06, 12:42:30 PM
|
|
|
ehall
Posts: 31
Joined: May 29, '05,
Status: offline
|
Looks like the problem accounts got their passwords corrupted somehow somewhere. I reset the passwords on the broken accts and they are fine now.
|
|
|
RE: shell set in usercomment, user cannot login anymore - Aug. 23, '06, 1:49:49 PM
|
|
|
Rodney
Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
To make changes to the user database the user account needs to have the authority to do it.
Most "common" users account don't. Administrator and accounts in the Administrators group
do have that authority.
Just FYI:
The one thing that I did change for the Vista release (Interix 6.0) is the addition of
a '-u' flag to specify the user so the admins (or those with authority) can run chsh
on behalf of a common user.
|
|
|
New Messages |
No New Messages |
Hot Topic w/ New Messages |
Hot Topic w/o New Messages |
|
Locked w/ New Messages |
Locked w/o New Messages |
|
Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
|