digiturf.net

Authentication token is no longer valid; new one required. You (user) are not allowed to access to (crontab) because of pam configuration.


* This problem is faced with RHEL and OEL (Oracle Enteprise Linux)

# I am now logged in as user “root”
ent10db:~ # id
uid=0(root) gid=0(root) groups=0(root)

# I’ve created /etc/cron.allow and added the shown users to it.
ent10db:~ # cat /etc/cron.allow
mcdm1
mcdm6

# login as user “mcdm1”
ent10db:~ # su – mcdm1
mcdm1@ent10db:~> id
uid=33301(mcdm1) gid=30000(db2iadm) groups=30000(db2iadm)

# See if user “mcdm1” has any scheduled cron jobs.
mcdm1@ent10db:~> crontab -l

Authentication token is no longer valid; new one required
You (mcdm1) are not allowed to access to (crontab) because of pam configuration.

# Now login as user “mcdm6”,
ent10db:~ # su – mcdm6
mcdm6@ent10db:~> id
uid=33306(mcdm6) gid=30000(db2iadm) groups=30000(db2iadm)

# listing scheduled cron jobs and it works perfectly well with “mcdm6”
mcdm6@ent10db:~> crontab -l
no crontab for mcdm6

 
* When checked the password age for both the users, “mcdm1” shows as “password must be changed”, hence cron is giving this error. Changing the password of that user solves this error.

ent10db:~ # chage -l mcdm1
Last password change                                                   : password must be changed
Password expires                                                           : password must be changed
Password inactive                                                          : password must be changed
Account expires                                                             : never
Minimum number of days between password change     : 0
Maximum number of days between password change    : 99999
Number of days of warning before password expires     : 7

ent10db:~ # chage -l mcdm6
Last password change                                                    : Dec 04, 2013
Password expires                                                            : never
Password inactive                                                           : never
Account expires                                                              : never
Minimum number of days between password chan         : 0
Maximum number of days between password change     : 99999
Number of days of warning before password expires      : 7

Leave a Reply