https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346809#M344321 I agree with the postings above. I wouldn't give root privileges to a user. I would use sudo as stated and just allow the user certain root commands.<BR /><BR />sp, <BR /> Wed, 28 Jan 2009 18:46:07 GMT Sp4admin 2009-01-28T18:46:07Z https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346804#M344316 i want to give the root privileges to a user 'toto'. How can i configure it?<BR /><BR />i need your help please Wed, 28 Jan 2009 16:24:10 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346804#M344316 kacou 2009-01-28T16:24:10Z https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346805#M344317 Sudo is good option.<BR /><BR /><BR />Install sudo first from <A href="http://www.gratisoft.us/sudo/intro.html" target="_blank">http://www.gratisoft.us/sudo/intro.html</A><BR /><BR /><BR /><BR />do "visudo". I have given basic configuration to assigh user 'toto' on machine "HP" to run "su - root" command <BR /><BR />Host_Alias SMS=HP<BR /><BR />User_Alias SUSER=toto <BR /><BR />Runas_Alias ADM = root, !root* <BR /><BR /><BR />Cmnd_Alias SUROOT=/usr/bin/su -, /usr/bin/su - root <BR /><BR />SUSER SMS=(ALL) NOPASSWD: SUROOT Wed, 28 Jan 2009 16:31:01 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346805#M344317 Yashwant 2009-01-28T16:31:01Z https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346806#M344318 As suggested above, sudo is the good-enough and free solution. But if you will need any sort of sccountability (for audit purposes and more) you need to look into Symark's PowerBroker application. It is not cheap by any means but does the job perfectly well.<BR /><BR /><A href="http://www.symark.com" target="_blank">http://www.symark.com</A><BR /><BR />then follow the navigation to PowerBroker product.<BR /><BR />Hope this helps Wed, 28 Jan 2009 16:34:11 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346806#M344318 Mel Burslan 2009-01-28T16:34:11Z https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346807#M344319 You could also look into using restricted SAM (sam -r), wherein you set the user up as a restricted SAM user who has access to selected SAM functions.<BR /><BR /><BR />Pete Wed, 28 Jan 2009 16:48:58 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346807#M344319 Pete Randall 2009-01-28T16:48:58Z https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346808#M344320 If you are on 11iv2 (11.23) or 11iv3 (11.31) the Role Based Access Control (RBAC) may be an option as well.<BR /><BR /><A href="http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=AccessControl" target="_blank">http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=AccessControl</A><BR /> Wed, 28 Jan 2009 16:51:15 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346808#M344320 Patrick Wallek 2009-01-28T16:51:15Z https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346809#M344321 I agree with the postings above. I wouldn't give root privileges to a user. I would use sudo as stated and just allow the user certain root commands.<BR /><BR />sp, <BR /> Wed, 28 Jan 2009 18:46:07 GMT https://community.hpe.com/t5/operating-system-hp-ux/root-privilege/m-p/4346809#M344321 Sp4admin 2009-01-28T18:46:07Z