HPE Community
Operating System - HP-UX
1838681 Members
3695 Online
110128 Solutions
New Discussion

Re: Moving passwd file

 
Ravindar_1
Occasional Advisor

‎02-20-2005 11:32 PM

‎02-20-2005 11:32 PM

Moving passwd file

I have a requirement to move the passwd file from UX11.0 to another machine(UX11.0) where both the machines are in trusted mode.Can anybody help me in finding the solution?.
0 Kudos
Reply
11 REPLIES 11
Bharat Katkar
Honored Contributor

‎02-20-2005 11:46 PM

‎02-20-2005 11:46 PM

Re: Moving passwd file

Ravidar,
Have a look at attached doc....
That should help.
Regards,
You need to know a lot to actually know how little you know
0 Kudos
Reply
Ravindar_1
Occasional Advisor

‎02-21-2005 12:01 AM

‎02-21-2005 12:01 AM

Re: Moving passwd file

Bharat,

Thanks for the quick response,the problem here is when we failover the primary machine, will the /etc/passwd file in the secondary machine will be in sync with the primary machine, if not, are there any other alternative way/scripts to make the passwd file similar as it was in primary machine.
Please advise..
0 Kudos
Reply
Bharat Katkar
Honored Contributor

‎02-21-2005 12:30 AM

‎02-21-2005 12:30 AM

Re: Moving passwd file

Hi Ravindar,

Automatically it won't becuase cluster has nothing to do with passwd file.
We also have similar cluster setup but what we did was to create users on both systems with name/UID/GID/HomeDirect identical on both the Systems. Then convert them to trusted systems.
I don't remember the exact way to do it but may be you will have to copy the files in the
/var/tcb directory to the other system.

Regards,
You need to know a lot to actually know how little you know
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎02-21-2005 12:40 AM

‎02-21-2005 12:40 AM

Re: Moving passwd file


This is why one should look at NIS+ logins with possibly ldap authenification.

http://docs.hp.com/en/J4269-90012/index.html

live free or die
harry d brown jr
Live Free or Die
0 Kudos
Reply
Dave Hutton
Honored Contributor

‎02-21-2005 12:40 AM

‎02-21-2005 12:40 AM

Re: Moving passwd file

Like suggested above the supported way is un-trusting the servers and copying the user/group file.
You can also copy over the /tcb/files/auth/* files along with cutting and pasting your /etc/password file, but it isn't supported. But does work.

Really ideally you want to use the same uid/gid across all your servers. Saves a lot of headaches especially in a serviceguard type situation.


0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎02-21-2005 12:46 AM

‎02-21-2005 12:46 AM

Re: Moving passwd file

User id numeric numbers must be the same on all machines otherwise permissions will get out of whack.

A centralized LDAP server saves all these problems.

I've run into unusual behavior when copying passwd files across machines and have since ceased the practice.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Ravindar_1
Occasional Advisor

‎02-21-2005 01:05 AM

‎02-21-2005 01:05 AM

Re: Moving passwd file

Thanks to all for response.
I also have another requirement where in We were asked to convert HPUX 11.0 to trusted system. We need to do the failover process for this requirement and there are totally 13000 userid's in the system.
Can anyone please advise me on how to deal with the password file sync up in both the machines?.
0 Kudos
Reply
Dave Hutton
Honored Contributor

‎02-21-2005 02:15 AM

‎02-21-2005 02:15 AM

Re: Moving passwd file

I'm guessing you have some users unique to each server so copying from one to the other will overlap some users?

Converting is the easy part. Thats a huge amount of users. I thought 2500 on a server was a lot. You just have to go through them on both servers and map out identical users that are on both servers and go through making their uid the same. Eitherway it won't be a quick and easy task.

0 Kudos
Reply
Darrel Louis
Honored Contributor

‎02-21-2005 08:21 AM

‎02-21-2005 08:21 AM

Re: Moving passwd file

Ravindar,

With this amount of user I would suggest to make use of a Gateway server on which users will be authenticated.
Think of using the following products:
- LDAP
- OpenSSH

Further, I suggest to run: pwck
Otherwise the convert will fail if your passwd file isn't correct.

Darrel
0 Kudos
Reply
Jim Butler
Valued Contributor

‎02-21-2005 08:31 AM

‎02-21-2005 08:31 AM

Re: Moving passwd file

I would authenticate to an ldap directory server, using the pam modules supplied in the ldap distribution. The problem you are going to have in trusted mode, is that the chksum/date/etc will not match up on a trusted system. by authentication via 3rd party mechanism, you may kill 2 birds with one stone..
good luck
Man The Bilge Pumps!
0 Kudos
Reply
Ravindar_1
Occasional Advisor

‎02-27-2005 05:18 PM

‎02-27-2005 05:18 PM

Re: Moving passwd file

Thanks to all for the help!!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.