- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Giving a user-id the ability to add users (scr...
Operating System - HP-UX
1754823
Members
4475
Online
108825
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-21-2007 02:18 AM
тАО02-21-2007 02:18 AM
Giving a user-id the ability to add users (scripted)
I have the need to give a user-id other than root the ability to add users via a script. Sudo will not work in this case. The system is trusted if that makes a difference. I would prefer that that user could only add to its group.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-21-2007 02:25 AM
тАО02-21-2007 02:25 AM
Re: Giving a user-id the ability to add users (scripted)
Hi Mike:
If 'sudo' isn't an option, I'd create a simple C-wrapper, setuid to 'root' expressly for the purpose you describe. The usual caveats apply: make sure that both the wrapper and the script called within are strictly secured.
Regards!
...JRF...
If 'sudo' isn't an option, I'd create a simple C-wrapper, setuid to 'root' expressly for the purpose you describe. The usual caveats apply: make sure that both the wrapper and the script called within are strictly secured.
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-21-2007 02:30 AM
тАО02-21-2007 02:30 AM
Re: Giving a user-id the ability to add users (scripted)
Mike,
have you thought about possible use of access control list (acl) on the useradd etc. binaries ?
For script please see:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=952123
Or how about giving the user restricted SAM (see "man sam" -r option)
Please also read:
http://forums1.itrc.hp.com/service/forums/helptips.do?#33 on how to reward any useful answers given to your questions.
have you thought about possible use of access control list (acl) on the useradd etc. binaries ?
For script please see:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=952123
Or how about giving the user restricted SAM (see "man sam" -r option)
Please also read:
http://forums1.itrc.hp.com/service/forums/helptips.do?#33 on how to reward any useful answers given to your questions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-21-2007 02:43 AM
тАО02-21-2007 02:43 AM
Re: Giving a user-id the ability to add users (scripted)
More info it it helps, we have a development team from LAWSON here trying to create an automated process to add users. On the windows side it IBM tivoli LDAP which they want to use to add users to HP-UX. They are using a package called ProcessFlow which can read the LDAP DB and through various process comes up with a 8 character UNIX id and from a table of preassigned UID's they grab an available UID. Too late in the process to use LDAP-UX... The killer is that all the created user-id's are deactivated (internal use only).
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP