Also, it might help to specify what you mean by ITM tools. It might be something obvious for you, but for me, it is nothing other than another acronym out of the alphabet soup.
________________________________ UNIX because I majored in cryptology...
This user need to discoverig the server in ITM (IBM Tivoli management like hp-ovo) database. there some admin level commands which needs to be excuted by it.
Then I must say, your understanding of nologin user is a wrong one. If it is required to execute commands, how in the earth will it be able to do it without a shell ? What you need is "no interactive login allowed" for this user and unfortunately, in hpux, there are no settings as I know of, to create a user and prevent them from executing commands but not being able to login interactively.
We employ a similar measure to keep people from logging into service accounts, like oracle, weblogic etc., directly with a code segment like below, placed in /etc/profile.
# # Deny application accounts direct login # if [[ "`/usr/bin/tty`" != "/dev/vty0" ]] then if /usr/bin/grep -q "^${LOGNAME}$" /etc/restricted.login then ls -al $(/usr/bin/tty) | /usr/bin/awk '{print $3}' | read OWNER
if [[ "${LOGNAME}" = "${OWNER}" ]] then echo "\n******************************************************" echo " Direct login as '$LOGNAME' is NOT AUTHORIZED" echo "******************************************************\n" sleep 3 kill -9 $$ fi fi fi
If the username is in/etc/restricted.login, it will not be allowed to login interactively, but it still can fire one-off commands from a remote session via ssh (ssh is our requirement, yours can be any remote protocol)
Hope this helps
________________________________ UNIX because I majored in cryptology...
