Changing root's password

Similar Messages

• Changing Root MySQL Password - Possible?

  Due to the departure of a former employee, we have need to change the root password for MySQL operating in OS X Apache on a Mac G4 tower. When we change the root password now for MySQL it seems to stop communicating with websites on the server which rely on it, even though each user database has its own unique user and password information. Are we hosed, or is it possible to change the root MySQL password in an environment where several websites on the server are already using databases within the MySQL set up?
  This is a great a valuable forum, I welcome any and all comments. TIA!

  It should be possible to change the root password. If you have problems accessing the database afterwards then it sounds like your applications aren't using the usernames and passwords that were created for them.
  If the apps are, indeed, using the root password this is something you should change. You'll need to check the apps' configurations and various logs to find out what they're using.
  In addition, if you haven't already done so, check out NaviCat. It's a GUI front-end for administering MySQL. While I don't use it at all for table management, it's front-end for managing users and permissions is way ahead of the command line.

• Does the computer lock me after a certain amount of failed password attmepts, even when i finally have the correct password? recently changed root account password, but then forgot today and when tried again didn't work.  if so, how long does lock last?

  Ok. So I just changed my ADMINISTRATIVE ROOT PASSWORD the other day and when I tried to log in today I forgot it.  I tried different variations of
  the password I had set, because I wasn't sure if i had maybe set it in Caps Lock or used a different number in the sequence.  I got the message several times
  about "too many attempts, try again later".  Does the computer lock me from signing in even with the correct password after a certain amount of failed
  attempts?  If so, how long does this lock last for?  When can I try again?  Or is there something I need to do to remove that lock now?  I'm pretty sure I
  had the right password finally but it still wouldn't accept it. 
  Also, I don't have any other administrative users set up on my macbook pro.  I'm the only one who uses it, so I've always just used that original User from my
  original setup.

  giselafromclongriffin wrote:
  Ok. So I just changed my ADMINISTRATIVE ROOT PASSWORD the other day and when I tried to log in today I forgot it.  I tried different variations of
  the password I had set, because I wasn't sure if i had maybe set it in Caps Lock or used a different number in the sequence.  I got the message several times
  about "too many attempts, try again later".  Does the computer lock me from signing in even with the correct password after a certain amount of failed
  attempts?  If so, how long does this lock last for?  When can I try again?  Or is there something I need to do to remove that lock now?  I'm pretty sure I
  had the right password finally but it still wouldn't accept it. 
  Also, I don't have any other administrative users set up on my macbook pro.  I'm the only one who uses it, so I've always just used that original User from my
  original setup.
  Do this:
  1. Reboot
  2. Hold apple key + s key down after you hear the chime. (command + s on newer Macs)
  3. When you get text prompt enter in these terminal commands to create a brand new admin account (hitting return after each line):
  (Type these commands very carefully)
  mount -uw /
  rm /var/db/.AppleSetupDone
  shutdown -h now
  4. After rebooting you should have a brand new admin account. When you login as the new admin you can change the passord on the old one.

• Change root MSE password and password requirment

  Hi All, new to the MSE world during the install of my new MSE virtual 7.0 it asks to change the root password...however the password requirement would not let me change the password and thus fell back to the default. How can I change the root password and change the password requirement.
  My intial password was 15 characters long, I had 2 upper case letters, 5 lower case letters, 5 numbers, and 3 other characters
  Not sure how much more I need to have the root password secure but, it was....
  Any suggestions or do I just need to make the root password double what I as making it.
  Thanks,
  Dan

  Doesn't it allow you to skip (step 17 in below) & go on to configure login & password related parameters (step 18) change those restrictions ?
  http://www.cisco.com/en/US/products/ps9742/products_tech_note09186a0080bb497f.shtml
  Then run the setup script again & change the root password
  HTH
  Rasika
  **** Pls rate all useful responses *****

• Can not change root password for WCS

  Need to change the root password for the web gui.
  WCS is running on linux, i have tried to do the passwd user-root but it cames back saying it can not find the username.

  Alex
  You could use the recovering password procedure for wcs as a workaround (chapter 14 of the following link http://www.cisco.com/en/US/docs/wireless/wcs/7.0/configuration/guide/WCS70cg.html )
  Recovering the WCS Password
  You can change the WCS application root user or FTP user password. This option provides a safeguard if you lose the root password. An executable was added to the installer /bin directory (passwd.bat for Windows and passwd.sh for Linux). Follow these steps to recover the passwords and regain access to WCS. For password recovery on a wireless location device, refer to chapters 8 or 9 of the Cisco 2700 Series Location Appliance Configuration Guide.
  Note If you are a Linux user, you must be the root user to run the command.
  Step 1 Change to the WCS bin folder.
  Step 2 Perform one of the following:
  Enter passwd root-user newpassword to change the WCS root password. The newpassword is the root login password you choose.
  or
  Enter passwd location-ftp-user newuser newpassword to change the FTP user and password. The newuser and newpassword are the FTP user and password you choose.
  Step 3 The following options are available with these commands:
  •-q — to quiet the output
  •-pause — to pause before exiting
  •-gui — to switch to the graphical user interface
  •-force — to skip prompting for configuration
  Step 4 Start WCS.

• Keep changing root password, keeps telling me password is wrong in terminal.

  I used the migration tool to copy my documents over from my PC, but it created a separate user account. I want to move those files to my current account, but I don't have permission to access the folder unless I'm logged into that account (in which case I don't have access to the folder I want to move them to). I tried to change the folder permissions, but it said my root user password was incorrect. I changed it, got no error in doing so, and tried again. Still got the error. I found a thread with a similar problem (but not the same one) and followed the instructions in it. Still got the same error. How can I fix this?

  In the title of this thread you list "keeps telling me password is wrong in terminal"???
  When you open terminal have you tried the command, without the quotes "dsenableroot"?  You must be logged in as a local admin to do this.
  If you try this, terminal will ask you for your admin account password then you can enter a new password for root and verify the new password.  Exit terminal Log out and log  back in with username root and the password you put in for the root account when you were in terminal.
  There is a definite problem, or actually a couple of problems, with the directory utility when trying to enable root from directory Utility / edit.   Going the dsenableroot in terminal clears these problems out.

• Where to change root, administrator, etc. passwords?

  I have a desktop Intel Mac and an Xserve server. Besides the normal login passwords that are set in System Preferences/Accounts, where do I set the other passwords such as root (su) password, system administrator, etc.?
  Mike

  System Administrator and root are one and the same user, and is not enabled by default so there is no password to change. If you "Enable Root User" (an option in one of the NetInfo Manager menus) you will be asked to supply a password for root.
  But be sure you understand the consequences of enabling root. Once enabled, the password can be changed with the usual UNIX commands, as well as going through NetInfo Manager.
  Apart from root and your normal login accounts, I don't know what other passwords you are referring to..

• Startup disaster, Root/user password change, Please help!!

  Hi, my ibook g4 was purchased on ebay through a seller with 100% feedback (a school district). It came with Tiger already installed, and I bought the Leopard Retail upgrade disc, installed all that, and did software updates to get it up and running at 10.5.8. It ran perfectly for the first two days.
  Then on startup, the blue screen issue which lasted forever. I put in the Update install disc to run disc utility: A-ok. Tried again, and again. Nothing.
  Finally, I went to the installer menu, and reset the user/root/admin passwords.
  Now, even when I put the install disc in, it doesn't even go to the gray apple. Instead, it just gives that "?" /faces pictures intermittently.
  I was wondering if anyone has had any such problem, and found a solution.
  I should add that I already attempted "Safe" mode and even "Transfer" mode, with firewire/friend's macbook. All to no avail.
  Is there any way to FIND that hard drive in there again?
  Thanks, everyone!
  Robert

  HI,
  Now, even when I put the install disc in, it doesn't even go to the gray apple. Instead, it just gives that "?" /faces pictures intermittently.
  Indicates that your iBook can't find a System Folder to boot from.
  Then on startup, the blue screen issue which lasted forever. I put in the Update install disc to run disc utility: A-ok. Tried again, and again. Nothing.
  Did you actually boot from the install disc or just insert into the optical drive? In order to run Disk Utility from the install disc...
  Insert your install disk and Restart, holding down the "C" key until grey Apple appears.
  Go to Installer menu and launch Disk Utility.
  Select your HDD (manufacturer ID) in the left panel.
  Select First Aid in the Main panel.
  *(Check S.M.A.R.T Status of HDD at the bottom of right panel. It should say: Verified)*
  Click Repair Disk on the bottom right.
  If DU reports disk does not need repairs quit DU and restart.
  If DU reports errors Repair again and again until DU reports disk is repaired.
  When you are finished with DU, from the Menu Bar, select Utilities/Startup Manager.
  Select your start up disk and click Restart
  While you have the Disk Utility window open, look at the bottom of the window. Where you see Capacity and Available. *Make sure there is always 10% to 15% free disk space*
  Go here for help when a A flashing question mark appears when you start your Mac
  Carolyn

• How to change the Default Password on AP1131AG

  Hi all :
  I tried to change the default password Cisco to other by command line but the password cannot work out.
  The command line I used are as below :
  AP#conf t
  Enter configuration commands, one per line.  End with CNTL/Z.
  AP(config)#enable pass
  AP(config)#enable password 4dMINO123 ?
  LINE    <cr>
  AP(config)#enable password 4dMINO123
  AP(config)#exit
  AP#wr
  *Mar  1 04:39:23.902: %SYS-5-CONFIG_I: Configured from console by console
  Building configuration...
  [OK]
  AP#exit
  This still cannot cahnge. Below I do again below commands :
  AP(config)#enable secret
  % Incomplete command.
  AP(config)#enable secret ?
    0      Specifies an UNENCRYPTED password will follow
    5      Specifies an ENCRYPTED secret will follow
    LINE   The UNENCRYPTED (cleartext) 'enable' secret
    level  Set exec level password
  AP(config)#enable secret 5
  % Incomplete command.
  AP(config)#enable secret 5 ?
    LINE  The ENCRYPTED 'enable' secret string
  AP(config)#enable secret 5 LINE
  ERROR: The secret you entered is not a valid encrypted secret.
  To enter an UNENCRYPTED secret, do not specify type 5 encryption.
  When you properly enter an UNENCRYPTED secret, it will be encrypted.
  AP(config)#enable secret LINE
  AP(config)#exit
  AP#
  *Mar  1 04:40:53.021: %SYS-5-CONFIG_I: Configured from console by console
  AP#
  AP#exit
  After that when I access with >en again as below with correct password of 4dMINO123 and it always fails as below :
  Can anybody help to provide correct way of changing the default password of Cisco to another password? Many thanks!
  AP con0 is now available
  Press RETURN to get started.
  AP>en
  Password:
  Password:
  Password:
  % Bad secrets
  AP>en 0
  AP>en 5
  % No password set
  AP>en 15
  Password:
  Password:
  % Password:  timeout expired!
  Password:
  % Bad secrets
  AP>
  AP>
  AP>en
  Password:
  Password:
  Password:
  % Bad secrets
  thanks and best regards,
  tangsuan

  Hi, I have even the worst problem,
  that seems probably to to be never asked on Internet. After quick learning how to reset this creapy device, I can't get by no means the enable password in default config for this box, having read everywhere from Cisco guide through community pages to Google pages.. NOWHERE.
  Question is : what else except Cisco, cisco, root, password... can solve this stupid issue?!? I expect some guru from responsible AP BU to answer this with definite answer, or someone from Cisco having mercy with me to contact such guy(s).
  Here is my desperate situation :
  Nothing from this page helped :
  http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/products_password_recovery09186a00800949d0.shtml#reset_ap_newer
  Situation after hard reset:
  Xmodem file system is available.
  flashfs[0]: 26 files, 8 directories
  flashfs[0]: 0 orphaned files, 0 orphaned directories
  flashfs[0]: Total bytes: 15998976
  flashfs[0]: Bytes used: 6879232
  flashfs[0]: Bytes available: 9119744
  flashfs[0]: flashfs fsck took 43 seconds.
  Base ethernet MAC Address: 00:22:55:9f:fc:a0
  Initializing ethernet port 0...
  Reset ethernet port 0...
  Reset done!
  ethernet link up, 100 mbps, full-duplex
  Ethernet port 0 initialized: link is up
  button pressed for 1 seconds
  process_config_recovery: set IP address and config to default 10.0.0.1
  Loading "flash:/c1130-rcvk9w8-mx/c1130-rcvk9w8-mx"...#########################################################################################################################################################################
  File "flash:/c1130-rcvk9w8-mx/c1130-rcvk9w8-mx" uncompressed and installed, entry point: 0x3000
  executing...
                Restricted Rights Legend
  Use, duplication, or disclosure by the Government is
  subject to restrictions as set forth in subparagraph
  (c) of the Commercial Computer Software - Restricted
  Rights clause at FAR sec. 52.227-19 and subparagraph
  (c) (1) (ii) of the Rights in Technical Data and Computer
  Software clause at DFARS sec. 252.227-7013.
             cisco Systems, Inc.
             170 West Tasman Drive
             San Jose, California 95134-1706
  Cisco IOS Software, C1130 Software (C1130-RCVK9W8-M), Version 12.3(11)JX1, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2006 by Cisco Systems, Inc.
  Compiled Mon 17-Jul-06 11:38 by alnguyen
  Image text-base: 0x00003000, data-base: 0x0035E440
  Initializing flashfs...
  flashfs[1]: 26 files, 8 directories
  flashfs[1]: 0 orphaned files, 0 orphaned directories
  flashfs[1]: Total bytes: 15998976
  flashfs[1]: Bytes used: 6879232
  flashfs[1]: Bytes available: 9119744
  flashfs[1]: flashfs fsck took 6 seconds.
  flashfs[1]: Initialization complete....done Initializing flashfs.
  cisco AIR-LAP1131AG-E-K9   (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
  Processor board ID FCZ1238Q0HK
  PowerPCElvis CPU at 262Mhz, revision number 0x0950
  Last reset from power-on
  LWAPP image version 3.0.51.0
  1 FastEthernet interface
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 00:22:55:9F:FC:A0
  Part Number                          : 73-8962-14
  PCA Assembly Number                  : 800-24818-13
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC12354426
  Top Assembly Part Number             : 800-29144-03
  Top Assembly Serial Number           : FCZ1238Q0HK
  Top Revision Number                  : A0
  Product/Model Number                 : AIR-LAP1131AG-E-K9 
  Press RETURN to get started!
  *Mar  1 00:00:08.354: %CDP_PD-4-POWER_OK: Full power - AC_ADAPDOWN: Line protocol on Interface FastEthernet0, changed state to up
  Press>en
  Password:
  Password:
  Password:
  *Mar  1 00:00:27.393: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
  % Bad secrets
  Press>en
  Password:
  Password:
  Password:
  % Bad secrets
  Press>
  *Mar  1 00:00:36.530: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.2, mask 255.255.255.0, hostname Press
  Press>en
  Password:
  Password:
  Press>sho ver
  Cisco IOS Software, C1130 Software (C1130-RCVK9W8-M), Version 12.3(11)JX1, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2006 by Cisco Systems, Inc.
  Compiled Mon 17-Jul-06 11:38 by alnguyen
  ROM: Bootstrap program is C1130 boot loader
  BOOTLDR: C1130 Boot Loader (C1130-BOOT-M) Version 12.3(8)JEA, RELEASE SOFTWARE (fc2)
  Press uptime is 17 minutes
  System returned to ROM by power-on
  System image file is "flash:/c1130-rcvk9w8-mx/c1130-rcvk9w8-mx"
  cisco AIR-LAP1131AG-E-K9   (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
  Processor board ID FCZ1238Q0HK
  PowerPCElvis CPU at 262Mhz, revision number 0x0950
  Last reset from power-on
  LWAPP image version 3.0.51.0
  1 FastEthernet interface
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 00:22:55:9F:FC:A0
  Part Number                          : 73-8962-14
  PCA Assembly Number                  : 800-24818-13
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC12354426
  Top Assembly Part Number             : 800-29144-03
  Top Assembly Serial Number           : FCZ1238Q0HK
  Top Revision Number                  : A0
  Product/Model Number                 : AIR-LAP1131AG-E-K9 
  Configuration register is 0xF
  Press>

• Sudo or su and root's password

  A root's login prompt are simply without password prompt, I never typed root's password when I logged in as root. How to find the root's password, change it and use it with 'su' command? Visudo (Vi) has a very strange syntax for editing, I cannot edit sudoers file despite of reading man vi. Is there neccessary edit sudoers file with visudo to give the user some root's privilegues? Thanks a lot, I am quite an old dog to learn all quickly and wish to use Arch regulary...

  # sudoers file.
  # This file MUST be edited with the 'visudo' command as root.
  # See the sudoers man page for the details on how to write a sudoers file.
  username ALL=NOPASSWD: /usr/bin/cdrecord,/usr/bin/gcombust,/usr/bin/cdrdao,/usr/bin/eject,/bin/mount,/bin/umount,/usr/X11R6/bin/XFree86,/opt/kde/bin/k3b,/usr/sbin/fping,/usr/bin/kismet
  # Samples
  # %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
  # %users localhost=/sbin/shutdown -h now
  gives the user "username" rights to run cdrecord, gcombust,cdrdao ... etc
  This is saves a lot of work when you regrade those apps which need root privledges to run.
  #!/bin/sh
  DEV="/dev/burner"
  if [ ! $2 == "" ]; then SPEED=$2 ; else SPEED=52 ; fi
  time sudo cdrecord -tao dev=$DEV speed=$SPEED driveropts=burnfree -overburn -eject $1
  is my script for burning as an ordinary user. I just call it burn. as in
  burn /tmp/arrgh.iso

• Command #user can change there own password (inside script..without passwd)

  HI,
  I have prepared one script, from which user can change there own password across all the nodes he wants.But problem is script is not working because the following command is not working
  echo -e "$oldPassword\n$newPassword" | passwd
  i have tried to run it manually but it is showing the folowing error....
  [testuser@xxxxxx01 ~]$ echo -e test\ntest123|passwd
  Changing password for user testuser.
  Changing password for testuser
  (current) UNIX password: passwd: Authentication token manipulation error
  [testuser@xxxxxxx01 ~]$
  any idea how to resolve this , or is there any other command where user can change their own password (inside a script).
  Regards,
  Ani

  When you change the password and are not root user, the passwd utility will ask for the current (old) password. You have specified a wrong old password, plus the utility will ask for confirmation of the new password.
  <pre>
  $ passwd
  Changing password for user dude.
  Changing password for dude.
  (current) UNIX password: asdfasdf
  passwd: Authentication token manipulation error
  $ passwd
  Changing password for user dude.
  Changing password for dude.
  (current) UNIX password: correct_password
  New password: How_will_1_ever_remember
  Retype new password: How_will_1_ever_remember
  passwd: all authentication tokens updated successfully.
  $ old_pwd='How_will_1_ever_remember'
  $ new_pwd='My_secret_passord_1'
  $ echo -e "$old_pwd\n$new_pwd\n$new_pwd" | passwd
  Changing password for user dude.
  Changing password for dude.
  (current) UNIX password: New password: Retype new password: passwd: all authentication tokens updated successfully.
  </pre>
  Edited by: Dude on Sep 25, 2012 4:36 PM

• Change Mamp MYSQL password?

  I use the normal command line and i get this message...help
  error: 'Access denied for user 'root'@'localhost' (using password: YES)'

  I was struggleing with this too, the error is as follows:
  /Applications/MAMP/Library/bin/mysqladmin -u root -p password <NEWPASSWORD>
  In the above I was replacing the password with my password, thats wrong, copy and paste the following into terminal exactly as is, change nothing:
  /Applications/MAMP/Library/bin/mysqladmin -u root -p password
  now at the end, after the word "password" type your new password then press enter.
  Now you will be prompted for the current password, type 'root' without the quotes.
  You should be good to go!
  My, and many others interpretation of the instructions within MAMP makes you think you replace 'password' with your current password, then replace <NEWPASSWORD> with the new one, wrong.
  Hope this helps!!

• Junked old macbook for a new one. changed apple id password from a different mac. i want to login and it asks for name and password. no matter what i type i cant seem to login. any way help?

  junked old macbook for a new one. changed apple id password from a different mac. i want to login and it asks for name and password. no matter what i type i cant seem to login. why cant i just enter my apple id and password. or is there a way to change whatever name and password are on the new one from another mac so i can login. anything helps...thanks

  Just open System Preferences>Users & Groups and unlock the preference pane with your root password.
  Set the New Account to be an Administrator and fill in the rest of the data and then click "Create User".
  I would suggest using this user to be YOU with admin capabilities. I wouldn't use the root user - too much damage could occur if you're not sure what you're doing. If you have files, etc., that you want to move to this account, simply but them in the Shared folder - or if you 'rescued' some old files and the like from your 'trashed' MBP, you can put them in your NEW admin account folders.
  Hope I've explained myself well - call back with any questions!
  Clinton

• Kadmin can't change dsimport'ed passwords in Snow Leopard Server

  Hello, World.
  I am attempting to manage user accounts in Open Directory from a non-Mac system. After a good deal of investigation on Leopard Server, I wound up ssh'ing to our Open Directory server to create new accounts with 'dsimport', and then to manage later changes to the account through LDAP (for non-password data) and through Kerberos with kadmin, on the theory that kadmind was supposed to propagate the encrypted plain text passwords into Password Service for all of P.S.'s hashing needs.
  This worked great in Leopard Server, but under Snow Leopard Server, any attempt to change a user's password via kadmin fails with
  'change_password: KDC policy rejects request while changing password for <principal name>'
  At the same time, the system log (/var/log/system.log) shows
  Nov 2 17:53:46 od1 sandboxd[76028]: mkpassdb(76026) deny file-read-data /usr/sbin/mkpassdb
  Nov 2 17:53:46 od1 sandboxd[76028]: mkpassdb(76027) deny process-exec /usr/bin/ldapsearch
  However, if I create a principal directly with kadmin, kadmin does allow me to change the password for the principal I just created.
  Use modprinc to remove attributes (REQUIRESPREAUTH DISALLOW_SVR) from the dsimport'ed principals doesn't affect anything in any positive manner, though the principals I create manually in kadmin do lack these attributes.
  So, does anyone know what the story is, here? Is there no supported API that I can use from a Solaris/Linux server to fully manage accounts under Open Directory?

  I have a Similar issue, Details below. the summary is that Using the Snow Leopard GUI interface I created 17 users with a generic low security Password. then transferred and converted some mail files to the server. Once the mail was working properly, I changed the passwords to a slightly more secure password, and set it so my users would have to change their password to a more secure password at log in.
  Even after these password changes it is very easy to get other user's ticket information, if you know the original low Security Password with
  kinit <other user name>
  Details and demonstration.
  oursvr:krb5kdc root# kpasswd someuser
  Please enter the old password for [email protected]:
  Please enter the new password for [email protected]:
  Verifying, please re-enter the new password for
  [email protected] again:
  Server error
  Unknown error code: 2802413321
  KDC policy rejects request Unknown error code: 2802413326
  Please enter the old password for [email protected]:
  oursvr:krb5kdc root# kadmin.local
  Authenticating as principal root/[email protected] with password.
  kadmin.local: cpw [email protected]
  Enter password for principal "[email protected]":
  Re-enter password for principal "[email protected]":
  ambiguous user name.
  change_password: KDC policy rejects request while changing password for
  "[email protected]".
  kadmin.local: q
  oursvr:krb5kdc root# kinit someuser/admin
  Please enter the password for someuser/[email protected]:
  oursvr:krb5kdc root# klist
  Kerberos 5 ticket cache: 'API:Initial default ccache'
  Default principal: someuser/[email protected]
  Valid Starting Expires Service Principal
  12/21/09 12:00:53 12/21/09 22:00:53
  krbtgt/[email protected]
  renew until 12/28/09 12:00:53
  oursvr:krb5kdc root# kadmin
  Authenticating as principal someuser/[email protected] with password.
  Password for someuser/[email protected]:
  kadmin: cpw someuser
  Enter password for principal "someuser":
  Re-enter password for principal "someuser":
  change_password: Unknown error code: 2529638924 while changing password
  for "[email protected]".
  oursvr:krb5kdc root# kdestroy
  oursvr:krb5kdc root# kinit otheruser
  Please enter the password for [email protected]:
  oursvr:krb5kdc root# klist
  Kerberos 5 ticket cache: 'API:Initial default ccache'
  Default principal: [email protected]
  Valid Starting Expires Service Principal
  12/21/09 12:07:55 12/21/09 22:07:50
  krbtgt/[email protected]
  renew until 12/28/09 12:07:55
  CONFIGURATION
  =============
  Contents of /var/db/krb5kdc/kadm5.acl:
  ## This file autogenerated by KDCSetup ##
  */[email protected] * *
  [email protected] * *
  ADDITIONAL INFORMATION
  ======================
  (1) Using 'passwd' to change the password does not change the Kerberos
  password.
  (2) Using "dscl /LDAPv3/127.0.0.1 -passwd Users/someuser" does not change
  the Kerberos password.
  (3)
  (4) From /var/log/system.log:
  Dec 21 11:57:01 oursvr edu.mit.Kerberos.kadmind[79131]: ambiguous user name.
  Dec 21 11:57:01 oursvr sandboxd[82190]: mkpassdb(82189) deny file-read-data
  /usr/sbin/mkpassdb
  (5) From /var/log/krb5kdc/kadmin.log:
  Dec 21 12:02:36 oursvr.sub.dom.tld kadmind[79131](Notice): Request:
  kadm5chpassprincipal, [email protected], KDC policy rejects
  request, client=someuser/[email protected],
  service=kadmin/[email protected], addr=VVV.WWW.YYY.ZZ
  Dec 21 12:02:36 oursvr.sub.dom.tld kadmind[79131](Notice): Request:
  kadm5chpassprincipal, [email protected], KDC policy rejects
  request, client=someuser/[email protected],
  service=kadmin/[email protected], addr=VVV.WWW.YYY.ZZ
  (6) From /var/log/krb5kdc/ldc.log:
  Dec 21 11:56:51 oursvr.sub.dom.tld krb5kdc[62](info): AS_REQ (7 etypes {18
  17 16 23 1 3 2}) VVV.WWW.YYY.ZZ: NEEDED_PREAUTH:
  [email protected] for kadmin/[email protected],
  Additional pre-authentication required
  Dec 21 11:56:51 oursvr.sub.dom.tld krb5kdc[62](info): AS_REQ (7 etypes {18
  17 16 23 1 3 2}) VVV.WWW.YYY.ZZ: NEEDED_PREAUTH:
  [email protected] for kadmin/[email protected],
  Additional pre-authentication required
  Dec 21 11:56:51 oursvr.sub.dom.tld krb5kdc[62](info): AS_REQ (7 etypes {18
  17 16 23 1 3 2}) VVV.WWW.YYY.ZZ: ISSUE: authtime 1261414611, etypes
  {rep=18 tkt=16 ses=18}, [email protected] for
  kadmin/[email protected]
  Dec 21 11:56:51 oursvr.sub.dom.tld krb5kdc[62](info): AS_REQ (7 etypes {18
  17 16 23 1 3 2}) VVV.WWW.YYY.ZZ: ISSUE: authtime 1261414611, etypes
  {rep=18 tkt=16 ses=18}, [email protected] for
  kadmin/[email protected]
  (7) mkpassdb -dump 0x4b2bf32f30c3d4860000001e0000001e
  slot 0030: 0x4b2bf32f30c3d4860000001e0000001e someuser 12/21/2009
  12:28:17 PM
  Last password change: 12/21/2009 11:00:36 AM
  Last login: 12/21/2009 12:28:17 PM
  Failed login count: 0
  Disable reason: none
  Hash-only bit: 0
  Last Transaction ID: 2052
  Transaction requires kerberos: 1
  Record is dead: 0
  Record is not to be replicated: 0
  Access Features:
  isDisabled=0 isAdminUser=0 newPasswordRequired=0 usingHistory=0
  canModifyPasswordforSelf=1 usingExpirationDate=0 usingHardExpirationDate=0
  requiresAlpha=0 requiresNumeric=0 expirationDateGMT=18446744073709551615
  hardExpireDateGMT=18446744073709551615 maxMinutesUntilChangePassword=0
  maxMinutesUntilDisabled=0 maxMinutesOfNonUse=0 maxFailedLoginAttempts=0
  minChars=0 maxChars=0 passwordCannotBeName=0 requiresMixedCase=0
  requiresSymbol=0 notGuessablePattern=0 isSessionKeyAgent=0
  isComputerAccount=0 adminClass=0 adminNoChangePasswords=0
  adminNoSetPolicies=0 adminNoCreate=0 adminNoDelete=0 adminNoClearState=0
  adminNoPromoteAdmins=0
  Group(s) for Administration: unrestricted
  digest 0: method: *cmusaslsecretSMBNT
  digest length: 16
  digest: D6B093421FDF17380F0B695721F0F26A
  digest 1: method: *cmusaslsecretSMBLM
  digest length: 16
  digest: 5C957C596B14237409A48A7AC23C7AB2
  digest 2: method: *cmusaslsecretDIGEST
  digest length: 16
  digest: 8E9181A5F7697D7FB83BF2DA430CBB70
  digest 3: method: *cmusaslsecretCRAM-M
  digest length: 32
  digest:
  A08E4B9266A4B8676DEFA8584758F9013D29A479D81EE4E41D857D5A5CA4FA71
  digest 4: method: KerberosRealmName
  digest: OUR.KRB5.RLM
  digest 5: method: KerberosPrincName
  digest: someuser
  digest 6: method: *cmusaslsecretPPS
  digest length: 24
  digest: A5AC9D1843D42ED4AF39EFB4AB91E536F733FB2580978860
  digest 7: <empty>
  digest 8: <empty>
  digest 9: <empty>
  slot checksum: 7DAA85870308B253D5A9294483A4B0EF
  (8) dscl /LDAPv3/127.0.0.1 -read Users/someuser | grep -A 2 authAuthority
  dsAttrTypeNative:authAuthority:
  ;ApplePasswordServer;0x4b2bf32f30c3d4860000001e0000001e,1024 35
  14773688809506996593092824880872774590718495204127440029375223520574013330136617 78685429961896612181406054801454823310071429734609519569726042321602422714273008 59946509691313082062885828226653436410277560435615063784052163315144051817774743 254036483144235604939879290290235050919364398951613699884041179183857
  [email protected]:VVV.WWW.YYY.ZZ
  ;Kerberosv5;0x4b2bf32f30c3d4860000001e0000001e;[email protected];OUR.KRB5.R LM;1024
  35
  14773688809506996593092824880872774590718495204127440029375223520574013330136617 78685429961896612181406054801454823310071429734609519569726042321602422714273008 59946509691313082062885828226653436410277560435615063784052163315144051817774743 254036483144235604939879290290235050919364398951613699884041179183857
  [email protected]:VVV.WWW.YYY.ZZ

• Hacker changed root user passwod

  I was hacked into recently and the hacker worked through root user, and now the root user password has been changed. I would like to reset it and find out what has been done to my Mac. Can it been done ?

  I found the answer here. http://discussions.apple.com/click.jspa?searchID=-1&messageID=680165
  Sorry for the trouble. Thanks.