Oscar Posted March 23, 2020 Posted March 23, 2020 Hi Guys, Can you please tell me if there is a way to reset the root account on a linux server with an AD account with privilege? We do this with windows server. On linux, i can reset other accounts password but not the root. We are running build 8865 Thank you!
support Posted March 24, 2020 Posted March 24, 2020 Hello Oscar, We do not have support for resetting root account with an Active Directory account sorry. Is this how you normally reset the password for your root accounts? Regards Click Studios
Oscar Posted March 24, 2020 Author Posted March 24, 2020 Yeah. When i log into a server as an AD account, i would run: sudo passwd root
support Posted March 24, 2020 Posted March 24, 2020 Thanks Oscar. We do not have any specific support for doing this, but have you tried specifying an AD account as the Privileged Account Credential? I assume you have and it does not work. Regards Click Studios
Oscar Posted March 26, 2020 Author Posted March 26, 2020 Correct, i did this, and it's not working. It changes other local accounts, but not the root account. :/
support Posted March 31, 2020 Posted March 31, 2020 Hi Oscar, Can you set the AD account in the sudoers file as per section 14 of this document and hopefully this helps? https://www.clickstudios.com.au/downloads/version9/Password_Discovery_Reset_and_Validation_Requirements.pdf Regards, Support
Oscar Posted April 2, 2020 Author Posted April 2, 2020 That didnt seem to work unfortunately, unless im doing something wrong. I vi /etc/sudoers file and add the follow at the very bottom: ## Enable sudo rootpw for Passwordstate Privileged Account Defaults Defaults:<svc_password_reset> rootpw Save it, then try to run the password reset again, and still nothing. The password to root is unchanged.
support Posted April 2, 2020 Posted April 2, 2020 Hi Oscar, could you try removing the < > in the username and see if that helps? ## Enable sudo rootpw for Passwordstate Privileged Account Defaults Defaults:svc_password_reset rootpw If that doesn't help then we're unsure sorry, as we do not have an environment set up to use AD accounts with Linux machines. Regards, Support
JangoJeff Posted June 30, 2020 Posted June 30, 2020 I found this post as I need the same functionality. I was able to get it to work by adding my full domain to the user account. Example below. ## Enable sudo rootpw for Passwordstate Privileged Account Defaults Defaults:svc_password_reset@example.com rootpw I personally added it to a /etc/sudoers.d/some_sudoers_file as I do not like to modify the original sudoers file, /etc/sudoers, if I can help it. It works in either of these locations.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now