Scribd
Upload
186 views

Data Domain - Sysadmin Locked - Sysadmin Is Not Using Default Password - Dell US

Uploaded by

604597
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
186 views

Data Domain - Sysadmin Locked - Sysadmin Is Not Using Default Password - Dell US

Uploaded by

604597
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Article Number: 000224694

📠 Print

Data Domain: sysadmin locked - sysadmin is not using default password

Summary: sysadmin can become locked after a few days due to a bug in 7.4, even if no one has tried to log in with sysadmin.

Audience Level: Partners

Article Content

Symptoms

If sysadmin is locked and customer requests RCA, check the logs for "default password":

1) Identify the issue from DDOS:

A) log view debug/messages.engineering


B) then type "/" to search for "default password"
Apr 25 05:07:45 DD6900 sms: INFO: sms_user_validate_sysadmin_default_passwd_job: sysadmin is not using default password

2) or identify the issue from bash or from a SUB:

A) cd /ddr/var/log/debug (or SUB path)


B) grep "default password" messages.engineering
!!!! DD6900 YOUR DATA IS IN DANGER !!!! # grep "default password" messages.engineering
Apr 25 05:07:45 DD6900 sms: INFO: sms_user_validate_sysadmin_default_passwd_job: sysadmin is not using default password
Apr 26 05:07:27 DD6900 sms: INFO: sms_user_validate_sysadmin_default_passwd_job: sysadmin is not using default password
Apr 27 05:07:13 DD6900 sms: INFO: sms_user_validate_sysadmin_default_passwd_job: sysadmin is not using default password
Apr 28 05:08:00 DD6900 sms: INFO: sms_user_validate_sysadmin_default_passwd_job: sysadmin is not using default password
Apr 29 05:07:49 DD6900 sms: INFO: sms_user_validate_sysadmin_default_passwd_job: sysadmin is not using default password

Cause

An enhancement was added in DDOS 7.4 that checks every 24 hours to see if sysadmin is using the default password. The initial roll-out of
this enhancement included a bug that incorrectly increments the invalid login counter for sysadmin once daily when sysadmin is not using
the default password. If sysadmin doesn't log in successfully to the DD for a few days, the bug can cause the sysadmin account to become
locked.

Resolution

Work-around:

Log in to the DD using putty (not the GUI) after waiting longer than the login-unlock-timeout between attempts. The login-unlock-
timeout default is 120 seconds. You can view the current value in the autosupport report by searching for login-unlock-timeout or by
issuing the command "adminaccess option show" from CLI.

Fix:

Upgrade to DDOS 7.9+. Fix was also backported to 7.7.5.

Current DDOS software versions can be found here: https://www.dell.com/support/kbdoc/en-us/000081247

Article Properties
Affected Product

Data Domain, DD OS 7.4

Last Published Date

07 May 2024

Version
1

Article Type

Solution

You might also like