HPE Community
Operating System - HP-UX
1832928 Members
2711 Online
110048 Solutions
New Discussion

Re: How to Create user accounts in three servers without affecting the security?

 
Richard Woolley
Frequent Advisor

‎07-18-2005 11:29 PM

‎07-18-2005 11:29 PM

How to Create user accounts in three servers without affecting the security?

All,

We have three hpux servers and one of them is 11i and other two are 11.

Is there a secure and simple method to create users in single step in all servers?

We currently use a script to copy /etc/passwd and group on all servers.

thanks
Thomas
0 Kudos
Reply
8 REPLIES 8
Geoff Wild
Honored Contributor

‎07-18-2005 11:40 PM

‎07-18-2005 11:40 PM

Re: How to Create user accounts in three servers without affecting the security?

Well, you could install Servicecontrol manager 3.0

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B8339BA3.0

or HP Systems Insight Manager - HP-UX

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T2414BA

Looks like the direction is to go to HP Systems Insight Manager - HP-UX - but both appear to provide central management...


Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Donald Kok
Respected Contributor

‎07-18-2005 11:42 PM

‎07-18-2005 11:42 PM

Re: How to Create user accounts in three servers without affecting the security?

There is a secure and a simple way:
- simple, but not secure: nis
- secure, but not simple: nis+

My systems are 100% Murphy Compliant. Guaranteed!!!
0 Kudos
Reply
baiju_3
Esteemed Contributor

‎07-19-2005 01:41 AM

‎07-19-2005 01:41 AM

Re: How to Create user accounts in three servers without affecting the security?

You may consider adding the user in one server and duplicate the same in other user .

Copying passwd and group file is not recommented .

Better create a shell script which will do the follwing .

add user in the remote system using useradd.

copy the tcb file and profiles to remote nodes.

Update the secondary group information on remote nodes.

Regards,
BL.




Good things Just Got better (Plz,not stolen from advertisement -:) )
0 Kudos
Reply
Martin Brachtl
Advisor

‎07-20-2005 05:21 PM

‎07-20-2005 05:21 PM

Re: How to Create user accounts in three servers without affecting the security?

There is one more possibility, LDAP. This could be even more secure than NIS+, and also more complicated. I'm not sure, if the pam modules are available on HP-UX11.
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎07-20-2005 10:58 PM

‎07-20-2005 10:58 PM

Re: How to Create user accounts in three servers without affecting the security?

You couldn't pay me enough to use NIS...

Stick with the HP products - or if you have the cash, check out KEON - Unix Control:

http://www.tfstech.com/solutions/servercontrol/index.htm

Looks like it is now called "Server Control" - I guess I need to do an upgrade.

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Tim Nelson
Honored Contributor

‎07-21-2005 06:21 AM

‎07-21-2005 06:21 AM

Re: How to Create user accounts in three servers without affecting the security?

The below is how we address this with our 25 servers.

One server has the master list(basically a copy or recreation of the /etc/passwd file) of userids etc. I have created a script that is run by a non root user to add users. This script looks first in the master file. If found it takes all the information from the master password file parses out each piece of needed info and creates a script ( the script is basially just the useradd command with the correct uid, gid, comment, etc) This script is rcp'd as a normal user to each server or a specified one.
Then login to each other server as root. execute the script and user is added.

This method negates the need for root to have remsh or rcp accross servers and negates the need for all the problems associated with NIS.

Tweak this method to suit your needs.

The intent of the master file is to keep UIDs and GIDs consistant when creating new accounts.

Best of luck.(don't forget to assign points)
0 Kudos
Reply
Richard Woolley
Frequent Advisor

‎07-24-2005 10:37 PM

‎07-24-2005 10:37 PM

Re: How to Create user accounts in three servers without affecting the security?

Thanks everyone,

I will get thomas to asign some points.

cheers

Richard
0 Kudos
Reply
Florian Heigl (new acc)
Honored Contributor

‎07-24-2005 11:10 PM

‎07-24-2005 11:10 PM

Re: How to Create user accounts in three servers without affecting the security?

hmmm, when I look at the requirements You ask:

using useradd through ssh would comply with that and be quite easily integrated.
:)

flo
yesterday I stood at the edge. Today I'm one step ahead.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.