HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Community
System Administration
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HP SMH on 11iv3

 
christian_derek
christian_derek
Regular Advisor

‎06-15-2010 09:39 AM

‎06-15-2010 09:39 AM

HP SMH on 11iv3

Hi,

I need to have only 2 users accessing the HP SMH web to allow them to reset the password for users.

Can I do this? and how?

Thansk,
0 Kudos
Reply
6 REPLIES
Tim Nelson
Tim Nelson
Honored Contributor

‎06-15-2010 11:03 AM

‎06-15-2010 11:03 AM

Re: HP SMH on 11iv3

The old HP "SAM" use to allow this restricted SAM option.

I do not know if SMH does ( doubt it, but then again I do not use it. ever ;)

An alternative if SMH fails to meet your need could be to create a script that restricts the userids that passwords can be changed on ( not root ) then install and use sudo giving permission to these two users to the script.

0 Kudos
Reply
christian_derek
christian_derek
Regular Advisor

‎06-15-2010 11:27 AM

‎06-15-2010 11:27 AM

Re: HP SMH on 11iv3

Hi,

The people in charge of changing the password never connect to the hpux, this is why we show them the hp smh, but this is not secure at all.

Thansk,
0 Kudos
Reply
Rita C Workman
Rita C Workman
Honored Contributor

‎06-15-2010 11:40 AM

‎06-15-2010 11:40 AM

Re: HP SMH on 11iv3

huh....

I don't believe SMH will buy this for you either.
You need sudo or some other third party sofware to distribute limited/controlled root access for these two users.

You might create their accounts, but in their .profile as soon as they login it runs a script.
The script it runs can be a simple case stmt that pulls up a screen once they login and the only option for them is to reset passwords; or exit.
..and make sure you have it written so that if they try to Ctl-C out of it, it logs them out immediately....

Rgrds,
Rita
0 Kudos
Reply
Steven E. Protter
Steven E. Protter
Exalted Contributor

‎06-15-2010 11:42 AM

‎06-15-2010 11:42 AM

Re: HP SMH on 11iv3

Shalom,

sudo is your best bet. I poked around smh and did not see the equivalent of restricted sam.

Sad really as this was useful.

I would create a special user for the purpose and not give it root priv.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
christian_derek
christian_derek
Regular Advisor

‎06-15-2010 11:45 AM

‎06-15-2010 11:45 AM

Re: HP SMH on 11iv3

Hi,

I'm pretty sure there is a restricted smh a the o/s level, but would like the web interface. Let me try smh -r, I will let you know,

Thansk,
0 Kudos
Reply
christian_derek
christian_derek
Regular Advisor

‎06-15-2010 11:52 AM

‎06-15-2010 11:52 AM

Re: HP SMH on 11iv3

hi,

restricted smh exist for 11Iv3, here is the info, it look like we can achieve the same thing with the web version


# smh -r
The privileges set for the user from the Text User Interface doesn't
apply to Graphical User Interface. System Management Homepage(SMH) in
Graphical User Interface has a different way of setting the privileges.
Please look at smh(1M) man page for more information

Do you want to continue (y/n) :

Thanks,
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.