HPE Community
Operating System - HP-UX
1837638 Members
2916 Online
110117 Solutions
New Discussion

limit the user login

 
SOLVED
Go to solution
peterchu
Super Advisor

‎07-21-2004 02:29 PM

‎07-21-2004 02:29 PM

limit the user login

I hv set the limitation of user login ( /etc/profile ), that only allow max. of 200 concurrent user login to the system , but sometimes the total no of login is over 200 that the users need to wait until someone logout , now I want to let a group of staffs ( eg. EDP ) can access the system even the total no of login reach 200 , could suggest what can I do ?thx
0 Kudos
Reply
11 REPLIES 11
KapilRaj
Honored Contributor

‎07-21-2004 02:43 PM

‎07-21-2004 02:43 PM

Solution

Re: limit the user login

how did u restrict ? it depends on that

Kaps
Nothing is impossible
Reply
Muthukumar_5
Honored Contributor

‎07-21-2004 04:55 PM

‎07-21-2004 04:55 PM

Re: limit the user login

check identity of the user login using id command. If the user group ( EDP ),the allow them even login limit is 200.

Get the /etc/group id for EDP and keep it for checking. ID can be used to check the identity of users too. Check the id from /etc/passwd entry for the user.

see id(1) man page more

Easy to suggest when don't know about the problem!
Reply
Borislav Perkov
Respected Contributor

‎07-21-2004 07:47 PM

‎07-21-2004 07:47 PM

Re: limit the user login

Hi,

You need to check and maxusers kernel parameter to be also greater then 200.

Regards,
Borislav
Reply
RAC_1
Honored Contributor

‎07-21-2004 08:01 PM

‎07-21-2004 08:01 PM

Re: limit the user login

Restricting the users based on therir gid, uid will require some code to be put in /etc/profile.

With 11.0 and later, you can have file /etc/default/security. man 4 security for details. You can put
NUMBER_OF_LOGNS_ALLOWED=xxx in this file. This applies to non-root users. This would be mush cleaner way to do what you want. Also You make sure that you have set maxusers accordingly.

Anil
There is no substitute to HARDWORK
Reply
Mobeen_1
Esteemed Contributor

‎07-21-2004 08:23 PM

‎07-21-2004 08:23 PM

Re: limit the user login

Peter,
I think it would be best that you let us know or pass the script that you are using to restrict the login in your system currently. Based on that we would be able to recommend a way.

You can put in an additional check to see the group of the person logging in and if he belongs to a certain group like EDP, let him in.

regards
Mobeen
Reply
Jose Mosquera
Honored Contributor

‎07-21-2004 08:42 PM

‎07-21-2004 08:42 PM

Re: limit the user login

Hi,

Firts create and group the users in EDP group. Then in /etc/profile:

GRP_ALLOW=`id -Gn|grep EDP|wc -l`
if [ "$GRP_ALLOW" = "0" ]
then
...your login restriction procedure.
fi

Pls check more "id" command options with "man id"

Rgds.
Reply
peterchu
Super Advisor

‎07-21-2004 10:45 PM

‎07-21-2004 10:45 PM

Re: limit the user login

very thanks for the replies , and sorry that I have one more requirement of this,
As my question , I want to allow the EDP user to access the system even reach the 200 users on the system , my new requirement is I also want all EDP'slogins will not be counted . eg. if there are 150 general users and 10 EDP logins in the system , the system only recognize the system has 150 logins but not 160 , so that the EDP user will be affect the general user login , could suggest what can I do ?

attach the /etc/profile ,

very thank if you can help more.
0 Kudos
Reply
Rodney Hills
Honored Contributor

‎07-22-2004 01:51 AM

‎07-22-2004 01:51 AM

Re: limit the user login

Modify the following statement-

if [ "$MY" = "root" ] ;

to

if [ "$MY" = "root" && `id -g` = "##0" ] ;

Where "##" is the group id number for the EDP group. Then they will be ignored liked "root" is being ignored.

HTH

-- Rod Hills
There be dragons...
Reply
Rodney Hills
Honored Contributor

‎07-22-2004 01:53 AM

‎07-22-2004 01:53 AM

Re: limit the user login

Whoops,

Change "&&" (and) to "||" (or).

-- Rod Hills
There be dragons...
Reply
peterchu
Super Advisor

‎07-22-2004 03:37 PM

‎07-22-2004 03:37 PM

Re: limit the user login

thx replies, I tried hill's suggestion , it really meet my first requirement , but the EDP logins still count into the 200 . that mean if there are 190 general user logins and 10 EDP user logins at the same time , the system will know there are total 200 users in the system and reject the new login , what I want is the system allow total of 200 general user can access the system and ignore all the EDP user logins .

Very thanks for further help.
0 Kudos
Reply
peterchu
Super Advisor

‎07-22-2004 09:04 PM

‎07-22-2004 09:04 PM

Re: limit the user login

is it possible to do that ? thx
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.