Operating System - HP-UX
1839244 Members
2263 Online
110137 Solutions
New Discussion

Re: creating login account trick

 
SOLVED
Go to solution
Shivkumar
Super Advisor

creating login account trick

Dear Sirs,

At one of my previous job, my login account was created on a system. From that one system i was able to login on many systems in all the environment. Someone had said that it has one of the purpose to keep the same uid and gid on all the systems.

i was not able to understand how this was done ?

can some unix guru let me know how this can be achieved ?

Thanks,
Shiv
7 REPLIES 7
Patrick Wallek
Honored Contributor
Solution

Re: creating login account trick

This was via some sort of directory service. The most likely candidates in a Unix environment are NIS, NIS+ and LDAP.

Do a google search for those and you will find all kinds of information.

You can also search through http://docs.hp.com and you will likely find information on all of those as well.
Arunvijai_4
Honored Contributor

Re: creating login account trick

Hi Shiv,

This is done by NIS or NIS+. NIS is Network Information Service where you can create users and put in network to access all systems where ever it is configured.

You need to modify your /etc/nsswitch.conf to reflect the changes as,
hosts: nis [NOTFOUND=return] files
networks: nis [NOTFOUND=return] files

etc.. etc..

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
Arunvijai_4
Honored Contributor

Re: creating login account trick

Hi Shiv,

Centralized login management on unix can also be done with LDAP and Kerberos with more secured way. Kerberos is known for its ability of security and distributed env. Here is an example of Centralized User Management with Kerberos and LDAP from Sys Admin magazine,

http://www.samag.com/documents/s=9494/sam0502a/0502a.htm

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
Yogeeraj_1
Honored Contributor

Re: creating login account trick

hi,

You can also read about Oracle Internet Directory and Single Sign-ON.

With Oracle 10g, you can even allow user mappings to be soted in Microsoft Active Directory.

see also: http://www.oracle.com/technology/products/ias/daily/apr09.html

hope this helps too!

kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Steven E. Protter
Exalted Contributor

Re: creating login account trick

Shalom,

In addition to the ways above, it is possible to allow sign on to a system via an outside source like a Windows Primary Domain Controller. That controller can authenticate using LDAP(mostly covered above) or ADS, Active directory services.

Here is a guide to the ADS solution. ADS is used a lot because Windows won't worth with less complex solutions like NIS.

Configuring ADS for HP-UX authentication
http://www1.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fdocs.hp.com%2Fen%2FJ4269-90049%2Fch02s05.html%26qt%3D%2Bhp%2Bux%2BADS%2Bintegration%26hit%3D2&aid=SEARCH_MANUAL&pil=4&serStr=hp+ux+ADS+integration

Integrating a CIFS server into an ADS domain.
http://www1.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fdocs.hp.com%2Fen%2FB8725-90074%2Fch07s01.html%26qt%3D%2Bhp%2Bux%2BADS%2Bintegration%26hit%3D6&aid=SEARCH_MANUAL&pil=8&serStr=hp+ux+ADS+integration

ADS Thread
http://www1.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fforums1.itrc.hp.com%2Fservice%2Fforums%2Fquestionanswer.do%253FthreadId%253D70242%26qt%3D%252Bhp%2B%252Bux%2B%2B%252BADS%2B%252Bintegration%2B%26hit%3D1&aid=SEARCH_FORUMS&pil=1&serStr=hp+ux+ADS+integration&pir=1

LDAP Thread
http://www1.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fforums1.itrc.hp.com%2Fservice%2Fforums%2Fquestionanswer.do%253FthreadId%253D765217%26qt%3D%252Bhp%2B%252Bux%2B%2B%252BADS%2B%252Bintegration%2B%26hit%3D3&aid=SEARCH_FORUMS&pil=3&serStr=hp+ux+ADS+integration&pir=3

Enjoy your reading.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Muthukumar_5
Honored Contributor

Re: creating login account trick

It is all about password + account management system. Check the /etc/nsswitch.conf file for passwd: entries. If we are having only passwd then all login password lookup is done with /etc/passwd file only.

We can setup more centralised setups as,

a) LDAP
b) NIS or NIS+
c) Windows Active Directory Setup

--
Muthu
Easy to suggest when don't know about the problem!
Arunvijai_4
Honored Contributor

Re: creating login account trick

Hi Shiv, You can even try Tapesty:A centralized user management system

http://www.javaworld.com/javaworld/jw-06-2001/jw-0615-tapestry.html

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"