Was this helpful?
Security and Permission Errors
Ingres Net encrypts the password entered in netutil and compares it with the encrypted password in “/etc/passwd” (or your machine’s similar password file). If the two do not match, an error is returned.
How You Resolve Security Problems (UNIX)
If you are having password or other security/permission problems in Ingres Net, use the following procedure:
1. Verify that you can log in to the remote machine directly. If you cannot, you do not have the right password.
2. Using netutil, re-enter the remote user authorization.
3. If you are running NIS (“yellow pages”), the account’s correct password will be in the yellow pages password file (/etc/yppasswd) rather than in /etc/passwd. Add the following string to the end of /etc/passwd file to tell Ingres Net to look in /etc/yppaswd for the encrypted password:
+::0:0:::
4. If you have additional security such as C2 security enabled on the target machine, you must verify that the ingvalidpw executable exists in $II_SYSTEM/ingres/bin by typing:
$ ls -l $II_SYSTEM/ingres/bin/ingvalidpw
This executable is required to make the password in the secure area readable by Ingres.
Note:  Not all Ingres releases on UNIX use ingvalidpw to enforce C2 security. If the ingvalidpw executable is required for your release, it will be documented in the Readme file for your platform.
5. If the ingvalidpw executable exists:
a. Verify that it is owned by root. If not, log in as root and issue the command:
$ chown root ingvalidpw
b. Verify that it has the “set uid” bit set. If not, issue the command:
$ chmod 4711 ingvalidpw
c. Verify that the Ingres variable II_SHADOW_PWD is set to the full path to the ingvalidpw executable. Type:
$ ingprenv | grep II_SHADOW_PWD
The ingprenv utility displays the II_SHADOW_PWD variable.
6. If the ingvalidpw executable is not installed, create it using the mkvalidpw script. For details, see Create Password Validation Program (UNIX) on page 7.
 
Last modified date: 01/30/2023