Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Help changing lost system password in vms 5.5

331 views
Skip to first unread message

Imbdavison

unread,
Jun 30, 1996, 3:00:00 AM6/30/96
to

Im having trouble changing the system password that was lost when the
UAF*.DAT file was apparently deleted. I have been booting the vax by
setting the UAFALTERNATE to 1 and going in from there, but have been
running into probs switching back to uafalt 0 and rewriting the password.
Am I doing something wrong?

Brady

Brendan White

unread,
Jul 1, 1996, 3:00:00 AM7/1/96
to

Just try copying the alternate UAF to the real one. It should work.

--
Brendan White
bw0...@uhura.cc.rochester.edu
"Strange how laughter looks like crying with no sound.. raindrops taste like
tears without the pain" -- Queensryche

Stephen Hoffman

unread,
Jul 1, 1996, 3:00:00 AM7/1/96
to

In article <4r772n$7...@newsbf02.news.aol.com>, imbda...@aol.com (Imbdavison) writes:
:Im having trouble changing the system password that was lost when the
:UAF*.DAT file was apparently deleted. I have been booting the vax by
:setting the UAFALTERNATE to 1 and going in from there, but have been
:running into probs switching back to uafalt 0 and rewriting the password.
:Am I doing something wrong?

The UAFALTERNATE parameter works by causing OpenVMS to define a
system-level logical name SYSUAF to reference the alternate file
SYS$SYSTEM:SYSUAFALT, and I suspect it is the effects of this
logical name that you are encountering.

To reference the "real" system authorization database, define a few
logical names similar to the following:

$ define/job sysuaf sys$system:sysuaf.dat
$ define/job rightslist sys$system:rightslist.dat
$ define/job netproxy sys$system:netproxy.dat
$ define/job net$proxy sys$system:net$proxy.dat

You can now invoke AUTHORIZE from any directory -- the SYSUAF logical
redirecting SYSUAF to SYS$SYSTEM:SYSUAFALT will be "masked" by the
above-created SYSUAF job logical name. (You can put these entries
in your login, as well.)

For information on the typical procedures used to log into an OpenVMS
system where you've forgotten the system password, see the OpenVMS
Frequently Asked Questions (FAQ) -- a pointer included is below.

You will also want to review your BACKUP schedules and procedures. :-)

------------------------- pure personal opinion ---------------------------
Stephen Hoffman OpenVMS Engineering hof...@xdelta.enet.dec.com
---------------------------------------------------------------------------
Answers to OpenVMS Frequently Asked Questions (FAQ):
ftp://ftp.digital.com/pub/Digital/dec-faq/vms, http://www.openvms.digital.com


Steve Lionel

unread,
Jul 2, 1996, 3:00:00 AM7/2/96
to

In article <4r772n$7...@newsbf02.news.aol.com>, imbda...@aol.com (Imbdavison)
writes:
|>Im having trouble changing the system password that was lost when the
|>UAF*.DAT file was apparently deleted. I have been booting the vax by
|>setting the UAFALTERNATE to 1 and going in from there, but have been
|>running into probs switching back to uafalt 0 and rewriting the password.
|>Am I doing something wrong?

Rather than use UAFALTERNATE, use the following sequence as outlined in the
OpenVMS Frequently Asked Questions list. (You should obtain a copy of the
FAQ - there's a pointer on my slionel.html web page (see signature).

MGMT5. I've forgotten the SYSTEM password - what can I do?

If you need to "break in" to an OpenVMS system because you've forgotten
the SYSTEM password, you need to have physical access to the system console
and must be able to reboot the system. Here are the steps.

1. Halt the system (press halt button or ^P on console of some models)
2. Boot into the SYSBOOT prompt - the syntax for this varies by
system - it typically involves a flag of 1, for example:
B/1
B/R5:1
b -flags 0,1 (Recent Alpha systems)
If your system has a hardware password (some VAXstations have
this), you will need to know the password and enter it using the
LOGIN command at the console. If you get an "Inv cmd" error trying
to boot with a flag of 1, and can't LOGIN using the hardware password,
you're stuck - call for hardware service to reset the hardware password.
3. At the SYSBOOT> prompt type:
SET/STARTUP OPA0:
SET WRITESYSPARAMS 0
C
4. Wait for the $ prompt. The system will now be accepting startup
commands form the console. Type:
SPAWN
@SYS$SYSTEM:STARTUP

This causes the system to complete the startup, but leaves you
logged in. The SPAWN is necessary as without it you'll be logged out
when the startup finishes.
5. Type:
SET DEFAULT SYS$SYSTEM: ! or wherever SYSUAF.DAT resides
RUN SYS$SYSTEM:AUTHORIZE
MODIFY SYSTEM /PASSWORD=newpassword
EXIT

This changes the SYSTEM password to a new value.
6. Type:
@SYS$SYSTEM:SHUTDOWN

The system will now shut down.

Reboot the system normally - the SYSTEM password should now be set as
you specified in step 5.

Some people will suggest a method using the UAFALTERNATE SYSGEN parameter.
I don't recommend this as it is not reliable.

--

Steve Lionel mailto:lio...@quark.zko.dec.com
Fortran Development http://www.digital.com/info/slionel.html
Digital Equipment Corporation
110 Spit Brook Road, ZKO2-3/N30
Nashua, NH 03062-2698 "Free advice is worth every cent"

For information on Digital Fortran, see http://www.digital.com/info/hpc/fortran/

STEVE SMITH

unread,
Jul 2, 1996, 3:00:00 AM7/2/96
to IMBDA...@aol.com

imbda...@aol.com (Imbdavison) wrote:
>Im having trouble changing the system password that was lost when the
>UAF*.DAT file was apparently deleted. I have been booting the vax by
>setting the UAFALTERNATE to 1 and going in from there, but have been
>running into probs switching back to uafalt 0 and rewriting the password.
>Am I doing something wrong?
>
>Brady
TRY THE FOLLOWING FROM SYSTEM CONSOLE AFTER SHUTDOWN AND YOU HAVE CONSOLE
PROMPT
>B/1
>SET/STARTUP OPA0:
>CONT
AFTER A FEW MINUTES YOU SHOULD GET $ PROMPT
$ @SYS$SYSTEM:STARTUP.COM
AFTER SYSTEM BOOT IS DONE DO A CTRL-C AND AT THE $ GO INTO AUTHORIZE AND
CHANGE PASSWORD, THEN HALT MACHINE AND DO FOLLOWING
>B/1
>SET /STARTUP SYS$SYSTEM:STARTUP.COM
>CONT

SYSTEM SHOULD COME UP NORMAL NOW, THIS STUFF ISN'T REALLY PUBLISHED
BECAUSE ONCE YOU GET TO THE SYSTEM CONSOLE YOU CAN BREAK INTO ANY VAX
SYSTEM.


STEVE...


STEVE SMITH

unread,
Jul 2, 1996, 3:00:00 AM7/2/96
to BRADY

HERE IS SOMETHING YOU CAN USE. 1ST SET UAFALTERNATE BACK TO 0 AND SHUTDOWN
YOU THEN WANT TO GET TO SYSTEM CONSOLE OTHERWISE THIS WONT WORK. B/1
ONCE IN SYSBOOT "SET /STARTUP OPA0:", AFTER A FEW MINUTES SYSTEM SHOULD
GIVE YOU A $ PROMPT, SPAWN A FEW TIMES THE DO "@SYS$SYSTEM:STARTUP.COM".
ONCE SYSTEM COMES UP THEN DO A CTRL-C AND AT $ PROMPT GO INTO AUTHORIZE
AND CHANGE PASSWORD. THEN HALT MACHINE, B/1, SET/STARTUP
SYS$SYSTEM:STARTUP.COM AND THEN CONTINUE. YOU SHOULD COME UP NORMALLY NOW
AND BE ABLE TO LOG INTO THE ACCOUNT. THIS IS SOMETHING THAT REALLY ISN'T
PUBLISHED.

STEVE...


STEVE SMITH

unread,
Jul 2, 1996, 3:00:00 AM7/2/96
to BRADY

STimbd...@aol.com (Imbdavison) wrote:
>Im having trouble changing the system password that was lost when the
>UAF*.DAT file was apparently deleted. I have been booting the vax by
>setting the UAFALTERNATE to 1 and going in from there, but have been
>running into probs switching back to uafalt 0 and rewriting the password.
>Am I doing something wrong?
>
>Brady

EVE...


STEVE SMITH

unread,
Jul 2, 1996, 3:00:00 AM7/2/96
to

HERE IS SOMETHING TO TRY FROM THE SYSTEM CONSOLE. 1ST SHUTDOWN SYSTEM
THEN TYPE B/1 ONCE IN SYSBOOT SET UAFALTERNATE 0, SET/STARTUP OPA0:, THEN
TYPE CONT. AFTER A FEW MINTUES YOU SHOULD GET A $ PROMPT. SPAWN ABOUT 3
TIMES THEN DO "@SYS$SYSTEM:STARTUP.COM". ONCE SYSTEM COMES UP THEN DO A
CTRL-C. AT $ PROMPT GO INTO AUTHORIZE AND CHANGE PASSWORD. THEN HALT
MACHINE AND DO B/1 AGAIN, IN SYSBOOT SET/STARTUP SYS$SYSTEM:STARTUP.COM
THEN TYPE CONT AND SYSTEM SHOULD COME UP AND NEW PASSWORD WILL WORK, THIS
STUFF ISN'T PUBLISHED BECAUSE YOU CAN SEE HOW YOU CAN BREAK INTO ANY
SYSTEM IF YOU GET TO THE CONSOLE.

Mike Rechtman

unread,
Jul 3, 1996, 3:00:00 AM7/3/96
to

>TRY THE FOLLOWING FROM SYSTEM CONSOLE AFTER SHUTDOWN AND YOU HAVE CONSOLE

.
.
.


>
>SYSTEM SHOULD COME UP NORMAL NOW, THIS STUFF ISN'T REALLY PUBLISHED

>BECAUSE ONCE YOU GET TO THE SYSTEM CONSOLE YOU CAN BREAK INTO ANY VAX
>SYSTEM.
>
>
>STEVE...
>

1. Please don't SHOUT
2. See VMS System manager's manual pp. 2-21 to 2-22 (The one I have right
here is from VMS 5.0, but the stuff is probably in the new 'Essentials'
manual too.)
3. Security by ignorance was _never_ a good idea. Rather keep access to your
console as secure as possible, than trust to users no knowing how to
break in.

-------------------------------------------------
Usual disclaimers apply. All my opinions are mine
alone - perhaps not even that.
Mike Rechtman rech...@shani.net
(work rech...@taveng.enet.dec.com)
Voice (home) 972-2-9908337
PSI%425120012117::Mike
-------------------------------------------------

geze...@rlgsc.com

unread,
Jul 3, 1996, 3:00:00 AM7/3/96
to

In article <4rbulq$2...@Nntp1.mcs.net>, STEVE SMITH <SSM...@CTT.OPS.COM> writes:
>>Im having trouble changing the system password that was lost when the
>>UAF*.DAT file was apparently deleted. I have been booting the vax by
>>setting the UAFALTERNATE to 1 and going in from there, but have been
>>running into probs switching back to uafalt 0 and rewriting the password.
>>Am I doing something wrong?
>>
>>Brady
> TRY THE FOLLOWING FROM SYSTEM CONSOLE AFTER SHUTDOWN AND YOU HAVE CONSOLE
> PROMPT
>>B/1
>>SET/STARTUP OPA0:
>>CONT
> AFTER A FEW MINUTES YOU SHOULD GET $ PROMPT
> $ @SYS$SYSTEM:STARTUP.COM
> AFTER SYSTEM BOOT IS DONE DO A CTRL-C AND AT THE $ GO INTO AUTHORIZE AND
> CHANGE PASSWORD, THEN HALT MACHINE AND DO FOLLOWING
>>B/1
>>SET /STARTUP SYS$SYSTEM:STARTUP.COM
>>CONT
>
> SYSTEM SHOULD COME UP NORMAL NOW, THIS STUFF ISN'T REALLY PUBLISHED
> BECAUSE ONCE YOU GET TO THE SYSTEM CONSOLE YOU CAN BREAK INTO ANY VAX
> SYSTEM.
>
>
> STEVE...
>
--
Steve,

Actually, this material is published, just almost nobody bothers to RTFM.
You will find a description of this procedure in the SYSTEM MANAGERS
MANUAL.

In a security environment, it is presumed that if one has physical access
to the system, then one can break in. If one is worried about break-ins by
people with physical access to the system, then one must invest in physical
security for the system itself.

- Bob
+--------------------------------------------------------------------------+
| Robert "Bob" Gezelter E-Mail: geze...@rlgsc.com |
| Robert Gezelter Software Consultant Voice: +1 718 463 1079 |
| 35-20 167th Street, Suite 215 Fax: (on Request) |
| Flushing, New York 11358-1731 |
| United States of America |
+--------------------------------------------------------------------------+

Phil Ottewell (Yezerski Roper Ltd.)

unread,
Jul 3, 1996, 3:00:00 AM7/3/96
to

-----BEGIN PGP SIGNED MESSAGE-----

In article <4rbtog$2...@Nntp1.mcs.net>, STEVE SMITH <SSM...@CTT.OPS.COM> writes:
[snip]


> AND BE ABLE TO LOG INTO THE ACCOUNT. THIS IS SOMETHING THAT REALLY ISN'T
> PUBLISHED.

[snip]
Never trust a man who can't find the Caps lock key (just kidding Steve ;-) !
This information is published (virtually ?) in the "Guide to Setting Up a VMS
System" section 3.2.3 in my hardcopy version.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMdp6hwFrKHWv1IPxAQGbVgP/S99uxy178csPdiIjqQMzbeKKQYPMCJZn
ARBxyMwwfm7yVfbtRA0Ixy8KWo7fB+fE1TiEi8Whuou6/mGK0BK1pvpYt88R0MOu
+tv5ZOvjaDUqUKaJk9zcdGqvainH6Uv8l5GRA6PaYsN4oLzUpzyKJJGTFVz7N6AR
kjQ048be8eM=
=ycd6
-----END PGP SIGNATURE-----

0 new messages