Thursday, June 7, 2018

Recovering AIX root password using NIM server

                   
Recovering AIX root password using NIM server
---------------------------------------------------------------------------------
When AIX admin came across situation where  demand is recovery of  AIX root password.
In this situation there are 2 method

1. AIX DVD
2. NIM SPOT  // Here SPOT must be at same AIX OS level.
SPOT is shared product object tree which is used to boot NIM client(AIX LPAR).

So here i will prefer 2 option.use convenient option according to environment.

NIM SPOT : generally used for network boot of NIM client.

steps to boot NIM client(AIX LPAR) in maintenance mode

1.On NIM server define client
2.Assign NIM spot resource to client.
3.Initialize operation on NIM client(AIX LPAR) using command smitty nim_mac_op and select maint_boot = enable a machine to boot in maintenance mode
4.Boot into SMS menu.

IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 
IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM IBM 

1 = SMS Menu 5 = Default Boot List 
8 = Open Firmware Prompt 6 = Stored Boot List 


Select option 1


5. Select option 4


Main Menu 

1. Select Language 
2. Password Utilities NOT available in LPAR mode 
3. View Error Log 
4. Setup Remote IPL (Initial Program Load) 
5. Change SCSI Settings 
6. Select Console NOT available in LPAR mode 
7. Select Boot Options 


6.On next screen admin should choose correct NIC adapter on which he set IP parameter for NIM server ,NIM client
(AIX LPAR) ,subnetmask and NIM client gateway.

Network Parameters 

1. IP Parameters 
2. Adapter Configuration 
3. Ping Test

enter value which suits network environment in your orgnization

IP Parameters 
1. Client IP Address [x.x.x.x ] 
2. Server IP Address [x.x.x.x
3. Gateway IP Address [x.x.x.x
4. Subnet Mask [x.x.x.x



7. Do ping test to verify  whether NIM server is reachable from NIM client.


Network Parameters 

1. IP Parameters 
2. Adapter Configuration 
3. Ping Test


8.Return to MAIN screen


Main Menu 

1. Select Language 
2. Setup Remote IPL (Initial Program Load) 
3. Change SCSI Settings 
4. Select Console 
5. Select Boot Options

9.Next screen


1. Select Install/Boot Device 


10. select Network


Select Device Type 
1. Diskette 
2. Tape 
3. CD/DVD 
4. IDE 
5. Hard Drive 
6. Network 
7. List all Devices 



11. On next screen admin need to choose correct adapter for network boot.

12. Select Normal boot mode.

1. Information 
2. Normal Mode Boot
3. Service Mode Boot 

13.On next screen choose YES option

Are you sure you want to exit System Management Services? 
1. Yes 
2. No 

14.On next screen choose "Access a Root Volume Group".


Type the number of your choice and press Enter. 


0 Continue 

88 Help ? 
 99 Previous Menu 


15. After choosing  0 option and it will list volume group details .



Option1 Access this volume group and start a shell before mounting file systems
Option 2 Allows you to perform file system maintenance on /, /usr, /tmp, and /var before mounting them
.
16.choose correct volume group.

17.

choose option 1 and press Enter. 

1) Access this Volume Group and start a shell   
2) Access this Volume Group and start a shell before mounting filesystems 



18. If AIX admin wants to edit file he must set TERM to terminal type.


If you intend to use SMIT or vi, set your terminal type in preparation for editing the file.

terminal types are lft, ibm3151, or vt100.

        TERM=
        export TERM
when admin want to edit any configuration file at that point export of TERM variable will come in picture.

19.
Execute command
 #passwd root   //To chnage root passwd

set password
20. sync;sync;sync;reboot     //To save changes

Second method ,which i will say traditional one is using AIX OS media DVD to recover or reset password .

other solution for resetting AIX server root password are like below
1.Find Jump server from where trust(pass-wordless configuration) configured to affected server and 
reset password of root
2. Sudo root access to other user than root ,so that user can execute root user command to reset password.


Thanks









1 comment:

  1. I am thankful to this blog giving unique and helpful knowledge about this topic. Erg recovery

    ReplyDelete