Logon passwords check on change

Similar Messages

• RSOP: Interactive logon: Prompt user to change password before expiration

  Hi,
  I am trying to implement a GPO so that users are prompted to change their password 5 days before it expires. I have done this via -
  Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Enabled
  Interactive Logon: Prompt user to change password before expiration
  Despite doing the above the GPO does not seem to be taking effect. I have run RSOP on my machine and a few users machines and can see that there is a red circle with an X next to
  Interactive Logon: Prompt user to change password before expiration.
  Below is my winlogon.log file but I am not really sure what I am supposed to be looking for. Can anyone help?
  Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkSite GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{91EDC47D-AACF-4DFE-B044-5D29500CECBE}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{DDE2DDB7-9802-415B-819E-1ADA496DC3E6}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{6422C1A4-D958-4F4B-A8AA-EBACC567BD19}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
  No template is defined in GPO \\**************.co.uk\SysVol\**************.co.uk\Policies\{43F654AA-56D5-4F2C-B357-1AFEE03D37F2}\Machine.
  Process GP template gpt00000.inf.
  This is not the last GPO.
  08 March 2015 23:06:35
  Copy undo values to the merged policy.
  ----Un-initialize configuration engine...
  Process GP template gpt00001.dom.
  This is not the last GPO.
  08 March 2015 23:06:36
  ----Un-initialize configuration engine...
  Process GP template gpt00002.dom.
  This is not the last GPO.
  08 March 2015 23:06:36
  ----Un-initialize configuration engine...
  Process GP template gpt00003.dom.
  This is not the last GPO.
  08 March 2015 23:06:36
  ----Un-initialize configuration engine...
  Process GP template gpt00004.inf.
  08 March 2015 23:06:36
  ----Configuration engine was initialized successfully.----
  ----Reading Configuration Template info...
  ----Configure User Rights...
  Configure S-1-5-32-544.
  Configure S-1-5-21-778002760-1239436532-1307212239-1002.
  Configure S-1-5-21-778002760-1239436532-1307212239-1016.
  Configure S-1-5-21-778002760-1239436532-1307212239-4078.
  Configure S-1-5-21-778002760-1239436532-1307212239-512.
  Configure S-1-5-21-778002760-1239436532-1307212239-500.
  Configure S-1-5-21-778002760-1239436532-1307212239-513.
  User Rights configuration was completed successfully.
  ----Configure Group Membership...
  Configure **************\Local Admins for Users.
  old memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
  object already member of Administrators.
  object already member of Remote Desktop Users.
  new memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
  Group Membership configuration was completed successfully.
  ----Configure Security Policy...
  Configure password information.
  Configure account force logoff information.
  System Access configuration was completed successfully.
  Configure machine\software\microsoft\windows nt\currentversion\winlogon\passwordexpirywarning.
  Configure machine\software\microsoft\windows\currentversion\policies\system\enableinstallerdetection.
  Configuration of Registry Values was completed successfully.
  Audit/Log configuration was completed successfully.
  ----Configure available attachment engines...
  Configuration of attachment engines was completed successfully.
  ----Un-initialize configuration engine...
  this is the last GPO.
  Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkSite GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{91EDC47D-AACF-4DFE-B044-5D29500CECBE}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{DDE2DDB7-9802-415B-819E-1ADA496DC3E6}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
  Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{6422C1A4-D958-4F4B-A8AA-EBACC567BD19}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
  GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
  No template is defined in GPO \\**************.co.uk\SysVol\**************.co.uk\Policies\{43F654AA-56D5-4F2C-B357-1AFEE03D37F2}\Machine.
  Process GP template gpt00000.inf.
  This is not the last GPO.
  09 March 2015 16:26:51
  Copy undo values to the merged policy.
  ----Un-initialize configuration engine...
  Process GP template gpt00001.dom.
  This is not the last GPO.
  09 March 2015 16:26:51
  ----Un-initialize configuration engine...
  Process GP template gpt00002.dom.
  This is not the last GPO.
  09 March 2015 16:26:51
  ----Un-initialize configuration engine...
  Process GP template gpt00003.dom.
  This is not the last GPO.
  09 March 2015 16:26:51
  ----Un-initialize configuration engine...
  Process GP template gpt00004.inf.
  09 March 2015 16:26:51
  ----Configuration engine was initialized successfully.----
  ----Reading Configuration Template info...
  ----Configure User Rights...
  Configure S-1-5-32-544.
  Configure S-1-5-21-778002760-1239436532-1307212239-1002.
  Configure S-1-5-21-778002760-1239436532-1307212239-1016.
  Configure S-1-5-21-778002760-1239436532-1307212239-4078.
  Configure S-1-5-21-778002760-1239436532-1307212239-512.
  Configure S-1-5-21-778002760-1239436532-1307212239-500.
  Configure S-1-5-21-778002760-1239436532-1307212239-513.
  User Rights configuration was completed successfully.
  ----Configure Group Membership...
  Configure **************\Local Admins for Users.
  old memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
  object already member of Administrators.
  object already member of Remote Desktop Users.
  new memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
  Group Membership configuration was completed successfully.
  ----Configure Security Policy...
  Configure password information.
  Configure account force logoff information.
  System Access configuration was completed successfully.
  Configure machine\software\microsoft\windows nt\currentversion\winlogon\passwordexpirywarning.
  Configure machine\software\microsoft\windows\currentversion\policies\system\enableinstallerdetection.
  Configuration of Registry Values was completed successfully.
  Audit/Log configuration was completed successfully.
  ----Configure available attachment engines...
  Configuration of attachment engines was completed successfully.
  ----Un-initialize configuration engine...
  this is the last GPO.
  Jeet S

  ******UPDATE******
  I think I have managed to get this working. I changed the source of the policy to a different GPO. I then did the following -
  From a command prompt run gpupdate (without the force parameter)
  Ran rsop.msc and checked the policy and this time there was no red circle with an X
  Have done the same on a few users machines and it appears to apply successfully. I say this because when you go into the properties for the policy you see the following -
  The policy XYZ was correctly applied
  Just have to wait and see if it actually does what it says on the can.
  Jeet S

• I have a Mac Pro using Lion, with a SSD for system.  Restored drive from backup.  Now logon password doesn't work.  Account password still works.  Changing password in user group preferences no longer works to change logon password.

  I have a Mac Pro using Lion, with SSD for system drive.  Drive stopped booting, but otherwise appeared healthy.  Restored from system backup.  Now drive seems to work properly, BUT my logon password no longer works.  Password OK for account; can access system preferences, and change user password there BUT logon still refuses to accept password.  No luck changing password for that account after adding new administrator account and logging on from that account.  Suggestions?  Thanks.

  If you redirect Accounts to another location (not on the Boot Drive) you need to direct them back there again after a restore.
  SystemPreferences > Accounts/User&Groups > ...
  ... Unlock the lock, then hold down Control as you click on an Account to get access to the Advanced Options pane.

• Password self-service errors -  Password can be changed only once in a day

  Hi experts,
  We've been using password resets without issues for several months. Recently we upgraded from version 5.3 SP12 to SP14.
  I've read the CUP release note that explains that how password resets now validates against the ABAP system parameter for login/password_change_waittime.
  The errors we are experiencing happen even when the users' password is reset for the first time in a day.
  Error message:
  X Unable to reset password in the following system(s): ECDCLNT100. Password can be changed only once in a day
  Please advise if you have experienced this error, if there is a resolution, and/or if there is a way to disable the parameter check.
  FYI - We are only using password resets in our non-production systems and are not concerned with multiple daily password resets.
  Thanks.

  Hello
  Are you using PSS with a CUA system?
  Then you can try to upgrade the CUA to virsanh sp16.
  or maybe this note: 1552707
  KSM

• I have forgot my logon password and i have no hint can not get into my laptop.

  hello everyone
  I have forgotten my logon password and stupid me did not make a hint and now I can not access my macbook air. I went and tried other ways command r and still since i am new to mac never made a back up again stupid me. I then tried to re install the OS and it tell me that it does not see the start up OS system.
  I need my mac since this is the only form of entertainment on my ship in which i work on and am leaving this week. PLEASE someone help me.....
  Thanks
  Robin.

  There are different ways to reset the password depending on the Mac OS X version you are running. You can check it in  > About this Mac.
  If it's 10.6 or older, see "Resetting your original administrator account password" > http://support.apple.com/kb/HT1274 Also, see > https://discussions.apple.com/docs/DOC-5381
  If it's 10.7 or 10.8, try resetting your password with your Apple ID by following the steps of the link above. If it doesn't work, reset the password using Recovery > http://discussions.apple.com/docs/DOC-4101

• Managed system asking logon popup while clicking change & Workload  E2E

  Hi ,
  Managed system asking logon popup while clicking change & Workload  E2E in solman_workcenter ->RCA>E2E
  it asking logon pop-up if i click change analysis & workload analysis for all managed system.
  My Bi client for solman system is 400.but they asking my BI production system logon credential.
  I check in Solman_setup , i gave my bi client only and also i re-run my solman_setup basic configuration wizard.
  But still i am getting the pop-up.
  How to change this setting .Any help?
  Regards,
  Karthik

  Hi ,
  I found In Solman_workcenter-> RCA -> diagnosticsetup -> Diagnostic system -> Advanced setup ->last setup result showing
  "Successfully stored property setup/SMD_URL=http://<solman hostname >:50100/ into SMD repository
  Successfully stored property setup/BI_URL=http://<Bi hostname >:8080/ into SMD repository
  Stored BI URL in BI configuration : http://<BI hostname>:8080/
  Stored Diagnostics URL in BI configuration : http://<:soman hostname>50100/"
  Here BI URL is map to my BI production system. How to change solman 400
  in this place.
  how to change this setting?
  Plz give path to find SMD repository.
  Regards,
  Karthik
  Edited by: HemaKarthik on Aug 30, 2010 7:50 PM

• When I try to install flash player on my mac, I get to the panel that asks for my name and password, and it will not take my password.  tried changing to a new password and same result

  When I try to install flash player on my Mac, I get to the panel that asks for my name and password, but it will not take my password.  Tried changing the password, but same result.  Suggestions??

  This password prompt is presented by your operating system, and is intended to keep you from accidentally installing software.
  If this is your personal machine and you don't need a password to log into the computer when it first starts up, you can probably leave the password blank and click OK to get past this prompt.  If this is your personal machine and your normal password isn't working, check to make sure that CAPS LOCK is off, and type the password carefully.
  If this is your work machine and it's asking for an Administrator password, well, you'll need to have a conversation with your friendly IT person.

• Error connecting to planning database:Unsuccessful logon. Check log for det

  Hello,
  I am getting the following error which I am trying to connect to planning app data source for reports from workspace.
  planning version is 9.3.1
  can anyone suggest resolution for this?
  Thanks
  Hemanth
  03-14 13:40:41 ERROR HrDsManagerBean     com.hyperion.reporting.util.HyperionReportException: Error connecting to database connection PLN: Unsuccessful logon. Check log for details.com.hyperion.planning.HspException
       at com.hyperion.reporting.connection.UserConnection.openConnection(Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;)Lcom.hyperion.ap.IAPDomain;(Unknown Source)
       at com.hyperion.reporting.connection.UserConnection.openConnection()Lcom.hyperion.ap.IAPDomain;(Unknown Source)
       at com.hyperion.reporting.connection.UserConnection.<init>(Ljava.lang.String;Lcom.hyperion.reporting.security.IHsSession;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;ILjava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Ljava.lang.String;Z)V(Unknown Source)
       at com.hyperion.reporting.connection.ConnectionManager.getConnection(Lcom.hyperion.reporting.security.IHsSession;Lcom.hyperion.reporting.datasource.IHrDatasource;)Lcom.hyperion.reporting.connection.UserConnection;(Unknown Source)
       at com.hyperion.reporting.connection.ConnectionManager.getCube(Lcom.hyperion.reporting.security.IHsSession;Lcom.hyperion.reporting.datasource.IHrDatasource;Ljava.lang.String;)Lcom.hyperion.ap.IAPMdCube;(Unknown Source)
       at com.hyperion.reporting.connection.ConnectionManager.getCube(Lcom.hyperion.reporting.security.IHsSession;Ljava.lang.String;)Lcom.hyperion.ap.IAPMdCube;(Unknown Source)
       at com.hyperion.reporting.datasource.HrDsManagerBean.validateDatasource(Lcom.hyperion.reporting.datasource.IHrDatasource;)V(Unknown Source)
       at com.hyperion.reporting.datasource.HrDsManagerBean.doAddNew()Ljava.lang.String;(Unknown Source)
       at com.hyperion.reporting.datasource.HrDsManagerBean.process()Ljava.lang.String;(Unknown Source)
       at jsp_servlet._modules._com._hyperion._reporting._web._common.__hrdslogonfns._jspService(__hrdslogonfns.java:1470)
       at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at com.hyperion.reporting.webviewer.HRSecurePagesFilter.doFilter(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;Ljavax.servlet.FilterChain;)V(Unknown Source)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at com.hyperion.reporting.webviewer.HRLocaleFilter.doFilter(Ljavax.servlet.ServletRequest;Ljavax.servlet.ServletResponse;Ljavax.servlet.FilterChain;)V(Unknown Source)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3151)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)

  Database is up. All the services are running fine.
  There are not changes in Servernames.
  This error is occuring in all the environments. Dev, QA and Prod.

• Received notification that password had been changed

  Received notification that my password had been changed but it was not done by me. How do I ensure this doesn't happen again ?

  I agree with TSN; it could be a phishing scam.  Clear indications: if the email message does not mention your name (but "dear valuable customer").
  Always check the originating IP address from where the message really came from (the 'From:' email header can easily be forged).

• The user's password must be changed before signing in

  I have set up a new laptop with a new of users. 
  One of these attempted to access their account, and was asked to reset their password however this screen has got stuck. The password they enter is correct (we have tried it on a different machine) but we just get the screen 'The users password must be changed
  before signing in'
  Can't get back to the start screen, can't try and login as a different user, and when I force a restart then the screen just comes back, and when I've left the battery to run down also the same screen comes back.
  When I can sometimes get the screen to go away then the screen is just blue (no markings of any kind, plain blue), and if I click or move mouse the login screen comes back.
  Any advice gratefully received

  Hi,
  Regarding current situation, let’s try following steps to check the issue:
  Step 1: Power the system off, remove the USB plugs for both the mouse and keyboard and move them to different USB ports. Power the machine back on and wait 2-3 minutes to make sure Windows has detected and set up the devices again.
  If step 1 doesn’t work, please try step 2:
  Step 2: Basically windows 8.1 stopped all the USB ports from working. Go into BIOS, for USB configuration:
  Changed it to Intel XHCI mode: Disabled
  Legacy USB Support : Enabled.
  Hope these could be helpful.
  Kate Li
  TechNet Community Support

• Why is CC not taking my password?  I changed it and it is still not accepting it.

  Why is CC not taking my password? I changed it, and it is still not accepting it.

  double check your adobe.com password, http://helpx.adobe.com/x-productkb/policy-pricing/account-password-sign-faq.html

• HT5622 I keep getting emails stating that my password had been changed but the name attached to the message is not minr but it's my email address. Is someone using my email address to sign into FaceTime or other Apple Programs?

  I keep getting emails stating that my password had been changed but the name attached to the message is not minr but it's my email address. Is someone using my email address to sign into FaceTime or other Apple Programs?

  Of you're being phished. There are a lot of phishing scams going around right now with bad guys trying to get access to apple ID's.
  Anytime you want to verify the info, do not click on any links in the mail, but open up iTUnes on your computer and check things out that way.
  If you want to verify if anything is wrong http://www.apple.com/support/appleid/contact/
  contact apple on your own and see what they say.

• Office 365 AAD Password Writeback not working; Event Viewer Error: 0x80230619 (A restriction prevents the password from being changed to the current one specified.)

  Hello all,
  I'm currently setting up a Proof Of Concept setup with directory synchronisation and password syncing to Office 365, leveraging AAD Premium for the password reset and password writeback to on premises
  AD functionality. Directory Sync + Password Sync is working flawlessly with the AADSync tool. However, upon requesting a password reset for a user, I'm hitting a password writeback error. The webpage states that the password does not meet the password
  complexity policy, while it does. I can set that particular password for that account at the on premises AD without any problem.
  In the event viewer at the AADSync server, I'm seeing this Error pop up whenever I try to reset the password:
  An unexpected error has occurred during a password set operation.  "BAIL: MMS(4032): ..\server.cpp(11003): 0x80230619 (A restriction prevents the password from being changed
  to the current one specified.) Azure AD Sync 1.0.0475.1202"
  My Setup:
  Windows Server 2012 AD with a single forest
  Seperate domain joined Windows Server 2012 for AADSync tool
  AADSync version 1.0.0475.1202 with options password sync, password writeback enabled
  Service account for AADSync tool with Replicating Directory Changes and Replicating Directory Changes All permissions
  on root AD forest structure with inheritance to all objects. This account also has the permissions to Change Password and Reset Password on all descendant
  User Objects.
  AAD Premium for my office 365 tenant
  AAD Premium licenses for the test users and the office 365 account used to sync to Office 365. This account is also Global Admin.
  Could anyone help me with this? Is there something I’m missing here? My guess is that the AAD is not trusted or the service account for AADSync tool does not have the proper permissions. I’ve tried
  many options, like setting the AADSync Service account to Enterprise Admin or granting the service account Full Control over that particular user.

  Concerning my issue:
  The Default Group Policy setting: Minimum Password Age is set at 1 day. As I was testing this feature with new users, their provisioned passwords were less than 24 hours old and the Minimum Password Age of 1 prevented the change of the password.
  After changing this to 0 days in the Default Group Policy, my password resets started working for newly created users. While this might not have affected existing users in production, it had me looking and searching for permission issues on my AD.
  So for those that might be experiencing ADSync Event ID 6329 and PasswordResetService Event ID 33008 Errors when trying to do a Password Reset using AAD Premium with Password Writeback, it might be helpful to check the applied password policy.
  The issue is solved.

• Password policy "be changed at next login" stopped working

  Due to a system failure of a 10.8.5 Open Directory master, I migrated it to a new 10.10.1. Migration seemed flawless, but now I'm experiencing a weird failure of the password policy "be changed at next login". It's simply ignored.
  10.8.5 description:
  - virtual machine with VMWare ESxi 5.5u1, 8 GB RAM, 60 GB hard drive plus a second one 150 GB
  - Server version 2.2.2, Workgroup Manager version 10.8 (409)
  - Open Directory with a self generated certificate for SSO
  - all the users have mobile account with local home template
  10.10.1 description:
  - virtual machine with VMWare ESxi 5.5u1, 8 GB RAM, 80 GB hard drive plus a second one 120 GB
  - Server version 4.0.3 (14S350), Workgroup Manager 10.9 (421)
  Migration procedure: installed ex-novo 10.10.1, at the end of installation migrated data through migration assistant from old server hard drive attached at the new VM, switched off VM, detached old server hardware, rebooted, downloaded and installed new Server version.
  All the computers bound to the Open Directory master allowed login so I thought the migration went properly, untile I discovered that the policy to change the password at next login doesn't work anymore.
  Anyone having hints/suggestions about this behaviour?
  Thanks
                 Luca

  Thank you for the suggestion. I cleared the policy database with the command you sent, but in workgroup manager I still find "be changed at next login" checked. If I check the password policy of my test user 98765 this is what I find:
  server:~ root# pwpolicy -u 98765 -getpolicy
  Getting policy for 98765
  hardExpirationDate=1970-01-01 00:00:00 +0000 requiresAlpha=0 maxMinutesOfNonUse=0 usingHistory=0 maxFailedLoginAttempts=0 newPasswordRequired=1 expirationDate=1970-01-01 00:00:00 +0000 usingHardExpirationDate=0 maxChars=0 usingExpirationDate=0 maxMinutesUntilChangePassword=0 minChars=0 canModifyPasswordforSelf=1 requiresNumeric=0
  newPasswordRequired is correctly set at 1, but there is no prompt to change password when I try to login. I don't if it's correct, but if I check the password policy after I logged on a computer, I find nothing:
  staff:~ root# pwpolicy -u 98765 -getpolicy
  Getting policy for 98765
  staff:~ root#
  Is this correct? Is the policy transferred to the login computer and in this case the transfer fails for some reason?
  Thanks for the help
                 Luca

• Solaris 10 logon password issue

  Hi,
  I bought a sun fire 2100 with Solaris 10 pre-installed;
  When the system boot up: it shows:
  Root password for system maintenance (control-d to bypass):
  But I didn't setup any password when system is boot at the first time or maybe I hit some key by mistake, coz when system firstly bootup, I had monitor issue that I can't see console output.
  So I just hit enter, and system seems by-pass the pass word?
  Nov 3 18:07:06 su: 'su root' succeeded for root on /dev/console
  Sourcing //.profile-EIS.....
  root@unknown #
  Then, I can't either create a new folder/file or setup a new root pass word.
  mkdir: Failed to make directory "a"; Read-only file system
  # passwd
  New Password:
  Re-enter new Password:
  Permission denied
  I guess all those issues are related to the logon password. What I should do to recover the logon password?
  thanks,
  Feng

  thanks for the suggestions,
  1.
  I run "svcs -x" and "svcs -v" and get the logs as attached in the end.
  2.
  Since I am the new user for solaris 10, I wonder how to fix those initialization errors?
  3.
  If I have to reinstall Solaris 10, can I do it without DVD Rom? (My sun fire 2100 box is coming without DVD reader, but have USB port)
  thanks,
  Michael,
  root@unknown # svcs -x
  svc:/system/boot-archive:default (check boot archive content)
  State: maintenance since Mon Nov 19 09:53:45 2007
  Reason: Start method exited with $SMF_EXIT_ERR_FATAL.
  See: http://sun.com/msg/SMF-8000-KS
  See: /etc/svc/volatile/system-boot-archive:default.log
  Impact: 43 dependent services are not running. (Use -v for list.)
  svc:/network/rpc/gss:default (Generic Security Service)
  State: uninitialized since Mon Nov 19 09:53:43 2007
  Reason: Restarter svc:/network/inetd:default is not running.
  See: http://sun.com/msg/SMF-8000-5H
  See: gssd(1M)
  Impact: 10 dependent services are not running. (Use -v for list.)
  svc:/application/print/server:default (LP print server)
  State: disabled since Mon Nov 19 09:53:43 2007
  Reason: Disabled by an administrator.
  See: http://sun.com/msg/SMF-8000-05
  See: lpsched(1M)
  Impact: 1 dependent service is not running. (Use -v for list.)
  root@unknown #
  root@unknown # svcs -v
  STATE NSTATE STIME CTID FMRI
  online - 9:53:43 4 svc:/system/svc/restarter:default
  online - 9:53:44 - svc:/milestone/name-services:defaut
  online - 9:53:44 - svc:/network/pfil:default
  online - 9:53:44 - svc:/network/loopback:default
  online - 9:53:44 - svc:/network/physical:default
  online - 9:53:45 - svc:/milestone/network:default
  online - 9:53:45 - svc:/system/identity:node
  online - 9:53:45 - svc:/system/filesystem/root:default
  online - 9:53:45 - svc:/network/service:default
  offline - 9:53:43 - svc:/system/utmp:default
  offline - 9:53:43 - svc:/system/sysidtool:system
  offline - 9:53:43 - svc:/system/sysidtool:net
  offline - 9:53:43 - svc:/milestone/single-user:default
  offline - 9:53:43 - svc:/system/cryptosvc:default
  offline - 9:53:43 - svc:/network/rpc/bind:default
  offline - 9:53:43 - svc:/system/console-login:default
  offline - 9:53:43 - svc:/system/device/fc-fabric:defaut
  offline - 9:53:43 - svc:/platform/i86pc/kdmconfig:defat
  offline - 9:53:43 - svc:/network/initial:default
  offline - 9:53:43 - svc:/system/identity:domain
  offline - 9:53:43 - svc:/system/filesystem/local:defaut
  offline - 9:53:43 - svc:/milestone/sysconfig:default
  offline - 9:53:43 - svc:/system/manifest-import:default
  offline - 9:53:43 - svc:/system/device/local:default
  offline - 9:53:43 - svc:/system/filesystem/usr:default
  offline - 9:53:43 - svc:/system/filesystem/minimal:deft
  offline - 9:53:43 - svc:/system/sysevent:default
  offline - 9:53:43 - svc:/milestone/devices:default
  offline - 9:53:43 - svc:/network/nfs/status:default
  offline - 9:53:43 - svc:/network/nfs/nlockmgr:default
  offline - 9:53:43 - svc:/system/power:default
  offline - 9:53:43 - svc:/system/cron:default
  offline - 9:53:43 - svc:/network/nfs/client:default
  offline - 9:53:43 - svc:/network/inetd:default
  offline - 9:53:43 - svc:/system/filesystem/autofs:defat
  offline - 9:53:43 - svc:/system/system-log:default
  offline - 9:53:43 - svc:/network/smtp:sendmail
  offline - 9:53:43 - svc:/system/rmtmpfiles:default
  offline - 9:53:43 - svc:/milestone/multi-user:default
  offline - 9:53:43 - svc:/system/name-service-cache:deft
  offline - 9:53:43 - svc:/network/ssh:default
  offline - 9:53:43 - svc:/milestone/multi-user-server:dt
  offline - 9:53:43 - svc:/application/font/fc-cache:deft
  offline - 9:53:43 - svc:/application/print/cleanup:deft
  offline - 9:53:43 - svc:/application/print/ipp-listenet
  offline - 9:53:44 - svc:/platform/i86pc/eeprom:default
  offline - 9:53:44 - svc:/system/coreadm:default
  offline - 9:53:44 - svc:/system/keymap:default
  offline - 9:53:44 - svc:/system/sac:default
  offline - 9:53:44 - svc:/system/dumpadm:default
  offline - 9:53:44 - svc:/system/fmd:default
  offline - 9:53:44 - svc:/system/zones:default
  offline - 9:53:44 - svc:/system/picl:default
  maintenance - 9:53:45 - svc:/system/boot-archive:default
  uninitialized - 9:53:43 - svc:/network/rpc/gss:default
  uninitialized - 9:53:43 - svc:/application/x11/xfs:default
  uninitialized - 9:53:43 - svc:/application/font/stfsloader:dt
  uninitialized - 9:53:43 - svc:/application/print/rfc1179:deft
  uninitialized - 9:53:43 - svc:/network/rpc/smserver:default
  uninitialized - 9:53:43 - svc:/network/rpc/rstat:default
  uninitialized - 9:53:43 - svc:/network/rpc/rusers:default
  uninitialized - 9:53:43 - svc:/network/nfs/rquota:default
  uninitialized - 9:53:44 - svc:/network/security/ktkt_warn:det
  uninitialized - 9:53:44 - svc:/network/telnet:default
  uninitialized - 9:53:44 - svc:/network/ftp:default
  uninitialized - 9:53:44 - svc:/network/finger:default
  uninitialized - 9:53:44 - svc:/network/login:rlogin
  uninitialized - 9:53:44 - svc:/network/shell:default
  uninitialized - 9:53:44 - svc:/network/rpc-100235_1/rpc_ticot
  uninitialized - 9:53:44 - svc:/network/rpc-100083_1/rpc_tcp:t
  uninitialized - 9:53:44 - svc:/network/rpc-100068_2-5/rpc_ud