Corruption with the Password History File

Question & Answer

Question

A user receives the errors below when changing a password: 3004-622 An error occurred updating the password database. 3004-709 Error changing password for : Value is invalid.

Cause

This may indicate corruption with the password history file and not allow users or system admins to change passwords for accounts.

Answer

Overview:
The pwdhist File Purpose is to maintain password history information.

Description:
The /etc/security/pwdhist.dir and /etc/security/pwdhist.pag files are database files created and maintained by Database Manager (DBM) subroutines. The files maintain a list of previous user passwords.

Resolving the password history corruption problem:
Backup password history files:
cd to /etc/security
cp pwdhist.dir pwdhist.dir.bak
cp pwdhist.pag pwdhist.pag.bak

Zero-out the two original files:
> pwdhist.dir
> pwdhist.pag

Attempt to change the user password:
passwd <UserName>

This will allow a change to the users password, however does not log any information to the history files (they will still be zero bytes until a password change is done again).

References:
The pwdhist file: http://www.ibm.com/support/knowledgecenter/ssw_aix_72/com.ibm.aix.files/aixfiles312.htm

[{"Product":{"code":"SWG10","label":"AIX"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Support information","Platform":[{"code":"PF002","label":"AIX"}],"Version":"5.3;6.1;7.1","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]

Tips

Corruption with the Password History File

Question & Answer

Question

Cause

Answer

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?