Originally posted by: invisiblehand

Dear AIX Gurus,

I would like to setup an alternative account for emergency in order to reset the admin account passwords on an AIX 5.3 box. I have created a general user account and granted the ManageAllUsers role. I can reset the password of non admin users, but not admin users, using the pwdadm command.

toor@testing:/home/toor>pwdadm user
Changing password for "user"
toor's Password:
user's New password:
Re-enter user's new password:
toor@testing:/home/toor>pwdadm admin
Changing password for "admin"
toor's Password:
admin's New password:
Only the system administrator can change this password.
You are not authorized to change "admin's" password.

Any thoughts on how to get that done? Appreciate if you can give me some hint. :^-)

Many thanks,
Invisible Hand
#AIX-Forum

Originally posted by: chrissmith

Suspect you will need to add security as a group for the password administrator id
#AIX-Forum

Originally posted by: invisiblehand

Chris, thanks for the reply. I had tried associating the user into the security group, but I still cannot change the password for admin accounts. Would that be the case that the ManageAllPasswds role in AIX 5.3 would only allow changing non-admin user passwords? Any thoughts?
#AIX-Forum

Originally posted by: chrissmith

admin Defines the administrative status of the user. Possible values are:

true
The user is an administrator. Only the root user can change the attributes of users defined as administrators.
false
The user is not an administrator. This is the default value.
http://publib.boulder.ibm.com/infocenter/aix/v6r1/index.jsp?topic=/com.ibm.aix.files/doc/aixfiles/user.htm
#AIX-Forum

Originally posted by: invisiblehand

I had also tried setting admin=true with that user, but still I would not be able to perform password reset for admin users. I was suspecting that the ManageAllPasswds role does not apply to admin user on AIX 5.3.
#AIX-Forum