HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

How to fix the max no of login session of particular user

 
SOLVED
Go to solution
Kuntal Gupta
Frequent Advisor

How to fix the max no of login session of particular user

Hi experts,

HP-UX 11.31,

nstrtel is 1000.

How to fix the max no of allowed telnet session for following user with the given value?

root=5

user1=250

user2=450

user3=295

regards...

Kuntal
10 REPLIES
vishnu.khandare
Respected Contributor

Re: How to fix the max no of login session of particular user

Hi Kuntal,

Check the below kernel tunables and you may need to increase as per your requirement
#kctune

npty
nstrpty
nstrtel

The default values for these tunable in v3 is 60
As these tunables are static ,You nee to reboot the server for change to take effect.
recommended value of this parameter be set to 512.

Refer below thread

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1344064

Hope this solves ur issue
Dont forget to assign points.

Regards
Vishnu Khandare
You should deserve before U desire!!!!
Kuntal Gupta
Frequent Advisor

Re: How to fix the max no of login session of particular user

Thanks Mr Vishnu,

I think I didn't put my quarry properly. Let me explain once again.

Im my system, max 1000 users can login, but there is no restriction of the upper limit of opening telnet session for a particular user. I want to freeze the max telnet session for a particular user.

Say, now total user login is 780, and any user can open a fresh telnet session. But i want to set a value for a prticular user.If user1 has already opened 250 sessions, he can not open any more though till 220 (1000-780) sessions can be opened.

I hope it will help you understanding my quarry.

regards...

Kuntal
vishnu.khandare
Respected Contributor

Re: How to fix the max no of login session of particular user

Hi Kuntal,

I dont thing so we can restrict perticular user sessions logins in HP Unix to perticular no.

Regards
Vishnu Khandare
You should deserve before U desire!!!!
Doug O'Leary
Honored Contributor

Re: How to fix the max no of login session of particular user

Hey;

>>I dont thing so we can restrict perticular user sessions logins in HP Unix to perticular no.

yes, you can - particularly with HPUX 11.31

man security

It outlines the parameters and values that can be applied in /etc/default/security. Pay particular attention to NUMBER_OF_LOGINS_ALLOWED.

If, for whatever reason that doesn't work, an if/then in /etc/profile should do the trick:

if [ ${LOGNAME} != "root" ]
then
n=$(w | grep -i ${LOGNAME} | wc -l)
if [ ${n} -gt ${max} ]]
then
echo "how many windows can you possibly type in at the same time???"
exit
fi
fi

NOTE: That's *completely* untested... to be used as an example only.

Hope that helps.

Doug O'Leary

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
Kuntal Gupta
Frequent Advisor

Re: How to fix the max no of login session of particular user

Thanks a lot Mr Doug O'Leary,

I will definitely try will get back to all of you (tomorrow).

regards...

Kuntal
Patrick Wallek
Honored Contributor

Re: How to fix the max no of login session of particular user

>>It outlines the parameters and values that can be applied in /etc/default/security. Pay particular attention to NUMBER_OF_LOGINS_ALLOWED.

Yes, that will give you **SOME** control, but it will NOT allow you do 250 for user1, 450 for user2 and it does not apply to root at all.

Doug O'Leary
Honored Contributor

Re: How to fix the max no of login session of particular user

Hey;

You are quite correct; however, there's also a reference in that same section of the man page to an entry that can be made to the userdb. "man userdb" shows the parameter to be the same NUMBER_OF_LOGINS_ALLOWED.

Should that prove untenable, the per user limit could be easily added in the logic in /etc/profile and with the use of an external data table

user1:250
user2:450

etc.

The point I was making is limiting the number of simultaneous logins *can* be done ... several different ways.

Doug O'Leary

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
Patrick Wallek
Honored Contributor

Re: How to fix the max no of login session of particular user

Hi Doug,

That is good to know. I was looking at the 11.23 security man page as I don't have 11.31.

Thanks for the additional info!
Ismail Azad
Esteemed Contributor
Solution

Re: How to fix the max no of login session of particular user

Kuntal,

In HPUX 11iv3 operating system, we don't convert the system to trusted system anymore and use SMSE for which we have commands like userdbget, userbdset and userdbck which takes the attributes of a file called as /etc/security.dsc and per user account you will be able to configure the number of logins allowed. The biggest advantage of this in HPUX 11iv3 is that I can also configure users who are associated with NIS and LDAP and have all the advantages of a trusted system as well,

Regards
Read, read and read... Then read again until you read "between the lines".....
Kuntal Gupta
Frequent Advisor

Re: How to fix the max no of login session of particular user

THANKS a lot Mr Ismail Azad, it worked.

#/usr/sbin/userdbset -u NUMBER_OF_LOGINS_ALLOWED=x

#userdbget -u --- TO CONFIRM


Thanks once again....

Kuntal