HPE Community
Operating System - HP-UX
1848575 Members
7111 Online
104033 Solutions
New Discussion

Re: Re-activate user ID

 
SOLVED
Go to solution
TakHowe Chan
Occasional Contributor

‎07-29-2007 09:01 PM

‎07-29-2007 09:01 PM

Re-activate user ID

Hi,

I would like to delegate some power users the ability to reactivate dormant user ID but without giving them the superuser's ID. Do anyone have any idea about this?

Thanks.

Our system:
RP7410
HP-UX 11.11i
0 Kudos
Reply
7 REPLIES 7
Anshumali
Esteemed Contributor

‎07-29-2007 09:07 PM

‎07-29-2007 09:07 PM

Solution

Re: Re-activate user ID

use restricted build of SAM
you can customer build sam for users using sam -r

Dreams are not which you see while sleeping, Dreams are which doesnt allow you to sleep while you are chasing for them!!
Reply
Robert-Jan Goossens
Honored Contributor

‎07-29-2007 09:18 PM

‎07-29-2007 09:18 PM

Re: Re-activate user ID

Hi,

Install and configure sudo,and setup the passwd or the modprpw (trusted system) to enable user sctivation for the "power users".

http://hpux.connect.org.uk/hppd/hpux/Sysadmin/sudo-1.6.8p12/

Regards,
Robert-Jan
0 Kudos
Reply
TakHowe Chan
Occasional Contributor

‎07-29-2007 10:10 PM

‎07-29-2007 10:10 PM

Re: Re-activate user ID

Thanks, that really solved the problem.
0 Kudos
Reply
TakHowe Chan
Occasional Contributor

‎07-31-2007 02:14 PM

‎07-31-2007 02:14 PM

Re: Re-activate user ID

Hi,

I just realize it creates another problem when I use restricted SAM. What I did was to enable users to login to SAM with "Accounts for users and groups --> Users", but that will enable the users to add users. How can allow "Reset/Modify password" and "Reactivate" only?

Thanks.
0 Kudos
Reply
skt_skt
Honored Contributor

‎07-31-2007 03:05 PM

‎07-31-2007 03:05 PM

Re: Re-activate user ID

modprpw with sudo will be good for reactivate.But giving accees to password reset/modification looks like a little risky, even though all the command logs are captured under sudo.
0 Kudos
Reply
Srinivas Thokala_1
Frequent Advisor

‎08-01-2007 02:34 AM

‎08-01-2007 02:34 AM

Re: Re-activate user ID

It is not a good idea to give this previleges to others of non root users.

Still if you want to and if sudo S/W is installed, then add line for that group in /sudo/etc/sudoers file as
/usr/lbin/modprpw
!/usr/bin/passwd root

The special charector '!' will not allow that group to change the root passwd.

-Srini
Srinivas Thokala
0 Kudos
Reply
TakHowe Chan
Occasional Contributor

‎08-01-2007 03:02 PM

‎08-01-2007 03:02 PM

Re: Re-activate user ID

Hi,

Actually I got the restricted SAM setup alright, so I thought is there any way to remove the ability to Add users in the restricted SAM and only allow them to release and reset password?

Thanks in advance.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.