How to unlock user account that has been locked up in Exadata

How to unlock user account that has been locked up in Exadata?


This is a major questions that Exadata customers has asked because of they have input the wrong character/password on the screen.
if the user locked is not root, e.g. celladmin, then login as root user and execute this command:

root@cel01# pam_tally2
Login           Failures Latest failure     From
celladmin           1    06/29/12 19:49:29  10.102.3.30


From above command you will see the failure login from which user
and the for the unlock or reset command : pam_tally2 -u <username> -r :

root@cel01# pam_tally2 -u celladmin -r
Login           Failures Latest failure     From
celladmin           1    06/29/12 19:49:29  10.102.3.30
root@cel01#


After executing above reset command, now the celladmin user can try to login again to the Exadata Cell Nodes.

Note:

pam_tally2 has the following options:

pam_tally2: [-f rooted-filename] [--file rooted-filename]
[-u username] [--user username]
 [-r] [--reset[=n]] [--quiet]

If you do not wish to have pam_tally2 enabled, please check the files in /etc/pam.d/ for entries that include "pam_tally2.so" and remove these entries

Example:

/etc/pam.d/sshd

auth       required     pam_tally2.so deny=5 onerr=fail

References:
Failed to Login Through SSH to Database Node (Doc ID 1329000.1)
Login not Possible Error: pam_tally2(sshd:auth): user oracle (1000) tally 48, deny 5 (Doc ID 1269133.1)


- wdanyant -