Sometimes I am needed to do a little Operating System administration. I work with a couple of a databases that are on the IBM AIX operating system.
Although I work with a very talented AIX administrator, he is not always available. Many times he is pulled on into meetings that can last all afternoon. Not good if you have a user who can not access one of the systems. Thankfully he has given me privileges to administer some of the more simple tasks.
The issue I faced was a user who wanted to remote to one of the database servers, and he could not log on. The e-mail read that he was unable to log on with no other details. My first instinct was to go into SMITTY and reset his password. After changing his user account password, I e-mailed him to try again.
The next e-mail he sent included the following error message:
3004-303 There have been too many unsuccessful login attempts; please see the system administrator
Side Note: At home I have an old IBM RS6000 with an old version of AIX 5 on it. Nice for practicing. The screen shots are from that server, and not one of my production servers from work.
For this example, my “mike” account on the server is set in SMITTY to lock after three failed attempts.
As a privileged user, I need to see how many times the user unsuccessfully attempted to log on. Run this command to see the number of attempts:
/usr/sbin/lsuser -a unsuccessful_login_count <username>
Note: replace <username> for the user account in question.
Because this is my own personal server, I get to log on as root. Your AIX administrator may need to bump up you privileges to run these commands.
As seen above, the failed attempts is four, which one more then permitted by the configuration set in SMITTY.
Run the following command to reset the failed attempt count back to zero:
/usr/bin/chsec -f /etc/security/lastlog -a unsuccessful_login_count=0 -s <username>
After I reset the user account to zero, I then reran the ‘lsuser’ statement to verify that the ‘unsuccessful_login_count’ was zero.
The user was then able to access the server, and I was able to move on to the next thing.