Topic
  • No replies
SystemAdmin
SystemAdmin
9855 Posts

Pinned topic User account has expired - AIX 7.1/ITDS 6.3/sudo 1.9.6p6

‏2013-02-25T19:43:23Z |
With the subject configuration, I attempt SUDO as follows:
$ sudo su -
tdaley's Password:
tdaley is not in the sudoers file. This incident will be reported.
$

The log shows:
Feb 25 14:43:48 uanisa00 auth|security:debug sudo PAM: pam_authenticate: error A
uthentication failed
Feb 25 14:43:53 uanisa00 auth|security:debug sudo PAM: pam_acct_mgmt: error User
account has expired
Feb 25 14:43:53 uanisa00 auth|security:alert sudo: tdaley : user NOT in sudoer
s ; TTY=unknown ; PWD=/home/tdaley/sudo-1.8.6p6 ; USER=root ; COMMAND=/usr/bin/s
u -

lsuser shows:
  1. lsuser -R LDAP tdaley
tdaley id=5020 pgrp=staff groups=staff home=/home/tdaley shell=/usr/bin/sh login=true su=true rlogin=true daemon=true admin=false sugroups=ALL admgroups= tpath=nosak ttys=ALL expires=0 auth1=SYSTEM auth2=NONE umask=22 registry=LDAP SYSTEM=LDAP logintimes= loginretries=0 pwdwarntime=0 account_locked=false minage=0 maxage=0 maxexpired=-1 minalpha=0 minloweralpha=0 minupperalpha=0 minother=0 mindigit=0 minspecialchar=0 mindiff=0 maxrepeats=8 minlen=0 histexpire=0 histsize=0 pwdchecks= dictionlist= default_roles= fsize=-1 cpu=-1 data=-1 stack=-1 core=2097151 rss=-1 nofiles=-1 time_last_login=1361817110 time_last_unsuccessful_login=1361396595 tty_last_login=/dev/pts/2 tty_last_unsuccessful_login=ssh host_last_login=lhitglf2274r1.net.ccci.org host_last_unsuccessful_login=lhitglf2274r1.net.ccci.org unsuccessful_login_count=0 roles=
#

The password for tdaley was entered correctly. tdaley is in LDAP SUDOers. So much for the simple stuff. Any advice?