HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
cancel
Showing results for 
Search instead for 
Did you mean: 

HP SMH on 11iv3

 
christian_derek
Regular Advisor

HP SMH on 11iv3

Hi,

I need to have only 2 users accessing the HP SMH web to allow them to reset the password for users.

Can I do this? and how?

Thansk,
6 REPLIES
Tim Nelson
Honored Contributor

Re: HP SMH on 11iv3

The old HP "SAM" use to allow this restricted SAM option.

I do not know if SMH does ( doubt it, but then again I do not use it. ever ;)

An alternative if SMH fails to meet your need could be to create a script that restricts the userids that passwords can be changed on ( not root ) then install and use sudo giving permission to these two users to the script.

christian_derek
Regular Advisor

Re: HP SMH on 11iv3

Hi,

The people in charge of changing the password never connect to the hpux, this is why we show them the hp smh, but this is not secure at all.

Thansk,
Rita C Workman
Honored Contributor

Re: HP SMH on 11iv3

huh....

I don't believe SMH will buy this for you either.
You need sudo or some other third party sofware to distribute limited/controlled root access for these two users.

You might create their accounts, but in their .profile as soon as they login it runs a script.
The script it runs can be a simple case stmt that pulls up a screen once they login and the only option for them is to reset passwords; or exit.
..and make sure you have it written so that if they try to Ctl-C out of it, it logs them out immediately....

Rgrds,
Rita
Steven E. Protter
Exalted Contributor

Re: HP SMH on 11iv3

Shalom,

sudo is your best bet. I poked around smh and did not see the equivalent of restricted sam.

Sad really as this was useful.

I would create a special user for the purpose and not give it root priv.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
christian_derek
Regular Advisor

Re: HP SMH on 11iv3

Hi,

I'm pretty sure there is a restricted smh a the o/s level, but would like the web interface. Let me try smh -r, I will let you know,

Thansk,
christian_derek
Regular Advisor

Re: HP SMH on 11iv3

hi,

restricted smh exist for 11Iv3, here is the info, it look like we can achieve the same thing with the web version


# smh -r
The privileges set for the user from the Text User Interface doesn't
apply to Graphical User Interface. System Management Homepage(SMH) in
Graphical User Interface has a different way of setting the privileges.
Please look at smh(1M) man page for more information

Do you want to continue (y/n) :

Thanks,