HPE Community
Operating System - HP-UX
1834533 Members
2483 Online
110069 Solutions
New Discussion

Re: Non-Root/Role Based Admin

 
Scot Sroka
New Member

‎03-13-2003 06:33 AM

‎03-13-2003 06:33 AM

Non-Root/Role Based Admin

Hello.

Other than SCM, sudo, runas, uid=0, and restricted sam, what software and/or methods exist to allow non-root/role based administration?

In your opinion, what is the best option (including the above)?

Thanks for your help.
0 Kudos
Reply
5 REPLIES 5
Pete Randall
Outstanding Contributor

‎03-13-2003 06:37 AM

‎03-13-2003 06:37 AM

Re: Non-Root/Role Based Admin

You've pretty well covered the options that I'm aware of. The best option really depends on the circumstances and what you're trying to accomplish. I would guess that a combination of sudo and restricted SAM should pretty much cover anything, but SCM could be helpful, too.


Pete

Pete
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎03-13-2003 06:56 AM

‎03-13-2003 06:56 AM

Re: Non-Root/Role Based Admin

I agree with Pete in that you've covered the options available pretty well.

I like sudo and restricted sam where applicable as well.
0 Kudos
Reply
Ravi_8
Honored Contributor

‎03-13-2003 07:10 AM

‎03-13-2003 07:10 AM

Re: Non-Root/Role Based Admin

Hi,

You have covered all available methods.

In my opinion sudo is the best option to provide non root based admin
never give up
0 Kudos
Reply
John Payne_2
Honored Contributor

‎03-13-2003 07:24 AM

‎03-13-2003 07:24 AM

Re: Non-Root/Role Based Admin

The only thing you did not list was CA's eTrust products. (admin/access control) They are not cheap. The role based stuff is pretty much like sudo, repackaged and pretty. (It is good for if you have alot of servers with alot of users to manage, though.)

If you only have a few servers or aren't trying to manage permissions for 200+ users with 10+ different permission levels, use sudo. Otherwise, that's all you will do for months until everyone's happy. (I would definitely use sudo if you are only talking about a few different groups with relatively few special permissions.) Make sure you do not allow 'su su root' in your sudo, so you don't defeat your point...

Hope it helps.

John
Spoon!!!!
0 Kudos
Reply
Rita C Workman
Honored Contributor

‎03-13-2003 07:26 AM

‎03-13-2003 07:26 AM

Re: Non-Root/Role Based Admin

I use restricted SAM...and PowerBroker (third party vendor).

Rgrds,
Rita
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.