HPE Community
Operating System - HP-UX
1832978 Members
3034 Online
110048 Solutions
New Discussion

Re: Allow user change password for only a specific group

 
Vic S. Kelan
Regular Advisor

‎06-01-2005 03:57 AM

‎06-01-2005 03:57 AM

Allow user change password for only a specific group

Hi,

Please can any one give me a detailed way to allow a none root user change password for only a specific group only?

Can Sam r do that? How please? And if sudo any body got a useful script to share?

Thanks, and I appreciate the help!!
0 Kudos
Reply
5 REPLIES 5
Mel Burslan
Honored Contributor

‎06-01-2005 04:33 AM

‎06-01-2005 04:33 AM

Re: Allow user change password for only a specific group

Your question is hard to understand. Each user who does not have root privileges, can not change password for any user account but their own. If you want to allow userA to be able to change password for userA1, userA2 and userA3, you will need to use a root power delegation software, like sudo, and in /etc/sudoers file, you will add something like this:

userA : /usr/bin/passwd userA1
userA : /usr/bin/passwd userA2
userA : /usr/bin/passwd userA3

but this is just a guess, as passwd is not your everyday application and may not play well with sudo. Try at your own risk.

hope this helps
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎06-01-2005 04:35 AM

‎06-01-2005 04:35 AM

Re: Allow user change password for only a specific group

There is a tool called webmin, which ships with the HP apache web server port.

It allows you to add a webmin user and set that user up so the only thing he/she can do is reset passords for a particular group.

http://www.webmin.com/

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW211

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Vic S. Kelan
Regular Advisor

‎06-01-2005 05:00 AM

‎06-01-2005 05:00 AM

Re: Allow user change password for only a specific group

Thanks Mel & SEP,

With /usr/sbin/sam -r you can add privileges to an individual user such as accounts for users and groups > Groups....

And you have an option of giving the user privileges to manage all groups. What I am looking for is to be able to allow a few none root users (part time sys admin;-), change passwords but restricted to passwords of only users in a certain group (so we dont wonder who changed the root password or some other useful users)

the webmin is nice SEP, but am hoping not to have to install anything to do this...

THANKS for any additional tots.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎06-01-2005 05:26 AM

‎06-01-2005 05:26 AM

Re: Allow user change password for only a specific group

Sam will do just fine. I forgot about it thats all.

You should be able to restrict the user to certain groups as well, otherwise webmin is a better option.

I've just done it on Linux and can provide step by step instructions on the setup if needed.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Gary L. Paveza, Jr.
Trusted Contributor

‎06-01-2005 05:54 AM

‎06-01-2005 05:54 AM

Re: Allow user change password for only a specific group

If all you are worried about is that they shouldn't be able to change root's password (but everyone else's) then restricted sam will do this nicely. It allows a user with manage accounts/groups to change any password except root.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.