Operating System - HP-UX
1833780 Members
2358 Online
110063 Solutions
New Discussion

Re: Number logins allowed problem

 
Peter Gillis
Super Advisor

Number logins allowed problem

Hi,
hpux 11.11v1
I have /etc/default/security file setup with
NUMBER_OF_LOGINS_ALLOWED=6.
But this is allowing the users to only start up 4 sessions. Is anyone else experiencing the same? How sort it out? I would like to be able to say users can get 6 sessions up. I did try change the allowed number to 5 and then users could only get 3 sessions up.

any ideas??
thanks Maria
8 REPLIES 8
Mridul Shrivastava
Honored Contributor

Re: Number logins allowed problem

Which application do you use for sessions.. ie telnet, rlogin or CDE...

Since CDE does not limit the maximum number of logins based on the NUMBER_OF_LOGINS_ALLOWED variable in /etc/default/security prior to B.11.23_0409 release..
Time has a wonderful way of weeding out the trivial
Reshma Malusare
Trusted Contributor

Re: Number logins allowed problem

Hi Maria,
Check this parameter through SAM in auditing & security.check for general user policies.May be global setting is different.

Regards
Reshma


Peter Gillis
Super Advisor

Re: Number logins allowed problem

Hi,
application is telnet.
This system is actually an untruusted system at the moment. So I am using /etc/default/security file to limit the sessions.
thanks
Maria
Raj D.
Honored Contributor

Re: Number logins allowed problem

Maria,

Remember this is applcable for non-root users,

Also check this link:
http://docs.hp.com/en/B2355-90696/security.4.html


Cheers,
Raj.


" If u think u can , If u think u cannot , - You are always Right . "
Peter Gillis
Super Advisor

Re: Number logins allowed problem

Raj,
Thanks for reply. I understand this is for non-root users, and that is exactly what I want. NON-root users to be able to start up a max of 4 telnet sessions. At this moment I have the /etc/default/security file setup with NUMBER_OF_LOGINS_ALLOWED=6 . This is limiting the users to 4 telent sessions. But why is it that I now have to state the value as being 6. In the Past I had the value set as 4 and that was the number of telenet session sthe users could use. Now if I have 4 stated, the actual number of sessions the users can start up is 2!
thanks Maria
Bill Hassell
Honored Contributor

Re: Number logins allowed problem

Is this Xwindows or 'real' telnet sessions? When users are running an Xwindow emulator, it's a lot more complicated. The user is not running telnet but instead running CDE on their PC or other Xterminal display device. And starting a window is not a real telnet -- instead, they are asking the Desktop manager to start a program on the HP-UX box called dtterm or xterm, which in turn starts a session locally on the HP-UX box. The characters that you see on the screen were formed on the HP-UX box and the image is displayed on the Xwindow device. CDE/Xwindows complicates things considerably.

To verify 'normal' operation, use a PC to actually telnet to the system -- start a DOS window and telnet to your box. Then repeat with 3 additional sessions logged on as the same user. The 4th login attempt should be rejected if NUMBER_OF_LOGINS_ALLOWED=4.

I am not a fan of CDE at all, and use Xwindows *only* when there are graphics and drawings (but not CDE). A text window such as xterm or dtterm is a big consumer of bandwidth and PC power when a local telnet (or better yet, an ssh session for security) window is extremely low overhead.

I don't have a system to test CDE logins but I'm going to guess that login count is used to get the fancy desktop (CDE) started and then another one for each terminal window.


Bill Hassell, sysadmin
Peter Gillis
Super Advisor

Re: Number logins allowed problem

HI Bill, thanks for info. This is definitely a straight Telnet session. No cde, no xwindows.
thanks
Maria
Robert Fritz
Regular Advisor

Re: Number logins allowed problem

That is pretty odd... I'll guess... maybe something is out of sync, and the system thinks you have two more logins than you do.

Does "who -T" show more sessions than 4?
Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin