Unable to change Admin Password
11431
Created On 06/20/19 22:15 PM - Last Modified 04/20/24 02:17 AM
Symptom
- An admin user attempts to make changes to the password for a local administrator user, but the changes are not taking effect.
- Ms.log (less mp-log ms.log) outputs the following which indicates that the password file is being locked and no further changes can be applied for the admin accounts:
usermod: unable to lock password file
/usr/sbin/pwconv: can't lock passwd file
- Similar logs can also be found in Configd logs (less mp-log configd.log)
useradd: existing lock file /etc/passwd.lock with an invalid PID '#%PAM-'
useradd: cannot lock /etc/passwd; try again later.
Environment
- Palo Alto Networks Firewall or Panorama
- Any PAN-OS
Cause
This issue is usually caused by an unclean shutdown or sudden power loss to the device causing the 'passwd file' to be corrupted.
Resolution
- This process requires root access.
- Please call into support line where an engineer will assist you.
- Reference this article to expedite the process.