HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Automated User Addtions
Operating System - HP-UX
1833694
Members
3576
Online
110062
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-01-2000 09:17 AM
12-01-2000 09:17 AM
Automated User Addtions
Greetings,
A while ago, a friend and fellow techie told me about a process by which he added new users by the following method:
1. Request is sent via email to his account in a specific format.
2. The email is forwarded to a "system" account.
3. A nightly cron job used to message to add the user and the default password copied to an encrypted file.
Does anyone have experience doing this?
Would it be considered a major no-no when it comes to security?
A while ago, a friend and fellow techie told me about a process by which he added new users by the following method:
1. Request is sent via email to his account in a specific format.
2. The email is forwarded to a "system" account.
3. A nightly cron job used to message to add the user and the default password copied to an encrypted file.
Does anyone have experience doing this?
Would it be considered a major no-no when it comes to security?
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-01-2000 09:27 AM
12-01-2000 09:27 AM
Re: Automated User Addtions
Well you could use useradd cmd or write your own batch shell script to automate, but then I prefer knowing who is on the machines by giving to the new users their login names I choose (yes even when there are several hundreds...) because it never misses I can remember the names (you know the deja vu feeling) it never missed when there is a name that doesnt inspire me I investigate and find out it someone else who created the account...
Best regards
Victor
Best regards
Victor
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-01-2000 10:39 AM
12-01-2000 10:39 AM
Re: Automated User Addtions
There is little question in my mind that someone could in fact do some creative scripting to accomplish this. I created a similar type thing for maintaining multiple machine coordination without getting into NIS. It didn't use email and nothing was 'totally' automated though. Someone, somewhere, with the appropriate rights had to start the ball rolling. In the case in question, people at the help desk had the access rights to invoke a script that setup a users environment automagically. The system was somewat complex from a standpoint of coordinating application menuing, database engine, and unix group permissions. The bottom line is that there are a variety of securty functions that can be somewhat automated, but the hairs all over me stand up with the idea of anything being processed with something as insecure as email unless you have something like PGP to fully validate the sender.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-02-2000 04:32 AM
12-02-2000 04:32 AM
Re: Automated User Addtions
As someone else mentioned, the clever script can do wonderous things. This may be more work than is necessary though.
And yes, this is a security flaw!
Anyone can send the email to $box@host and have their name added.
I think I am a pretty clever scripter, and a script like this would probably take a week to write and test and debug.
Not worth it for a 1 minute job!
As mentioned before, If you have a lot of custom things to do to an ID, script those, but not the whole process.
Pretty scarry to think that anyone could add themselves direct access to my system with an e-mail...
Regards,
Shannon
And yes, this is a security flaw!
Anyone can send the email to $box@host and have their name added.
I think I am a pretty clever scripter, and a script like this would probably take a week to write and test and debug.
Not worth it for a 1 minute job!
As mentioned before, If you have a lot of custom things to do to an ID, script those, but not the whole process.
Pretty scarry to think that anyone could add themselves direct access to my system with an e-mail...
Regards,
Shannon
Microsoft. When do you want a virus today?
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP