HPE Community
Operating System - HP-UX
1825795 Members
2146 Online
109687 Solutions
New Discussion

Stopping Users Logging In

 
SOLVED
Go to solution
John Jayaseelan
Super Advisor

‎06-12-2002 04:57 AM

‎06-12-2002 04:57 AM

Stopping Users Logging In

Hi

Hope someone can help with what is probably a simple query!!

We have a situation here where our Ops dept have to do some checks & start some process manually after re-booting the hpux K370 (11.00). However during this time users jump on & start working before the system is ready, despite e-mails & floor walks asking them not to.
Is it possible to set the maximum users to a low number in order for Ops to do their stuff & then set back to the normal state after?
I used to work on a system where you typed "Max nn" to solve this issue & then "Max" to re-instate. It worked like a charm...
Does hp have anything similar??
Many thanks
sue
0 Kudos
Reply
10 REPLIES 10
Pete Randall
Outstanding Contributor

‎06-12-2002 05:00 AM

‎06-12-2002 05:00 AM

Solution

Re: Stopping Users Logging In

Sue,

See this thread, particularly the last entry:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x038fe8644a22d411ade70090279cd0f9,00.html

Good luck,
Pete

Pete
Reply
Fabrice Meynard
Frequent Advisor

‎06-12-2002 05:01 AM

‎06-12-2002 05:01 AM

Re: Stopping Users Logging In

Hi,

for me the simplest way is to boot to single user. In this mode you are alone to have a connection.
For this, interrupt the boot, when system ask you to press a key within 10 seconds, boot to single user mode : hpux -is

Hope this can help.
Fabrice
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎06-12-2002 05:02 AM

‎06-12-2002 05:02 AM

Re: Stopping Users Logging In


use /etc/nologin in the boot process.

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x406a1cc6003bd6118fff0090279cd0f9,00.html

and

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x038fe8644a22d411ade70090279cd0f9,00.html


live free or die
harry
Live Free or Die
Reply
Pete Randall
Outstanding Contributor

‎06-12-2002 05:03 AM

‎06-12-2002 05:03 AM

Re: Stopping Users Logging In

And (particularly Patrick Walleck's comments) this thread as well:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x5e730b0717d1d5118ff40090279cd0f9,00.html

Pete

Pete
Reply
John Jayaseelan
Super Advisor

‎06-12-2002 05:12 AM

‎06-12-2002 05:12 AM

Re: Stopping Users Logging In

Thanks everyone!!!

nologin is the way to go for us I think.

Thanks for the speedy response.

Best Wishes
Sue
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎06-12-2002 05:12 AM

‎06-12-2002 05:12 AM

Re: Stopping Users Logging In

Sue

Copy your password file to Passlock.

Edit passlock to just the critical users.
Remember to keep the system ones in the file,
bin
sys
adm ETC.


Routine for the admin exercise is then.
-----------------------------------------
copy passwd to passback (Master copy)
copy passlock to passwd

Clear out the users

Carry out admin

When ready to allow users back in then:-

copy passback to passwd


NOTE
When passlock is copied to passwd remember that passwords will be at the time the passlock file was created.

HTH

Paula

If you can spell SysAdmin then you is one - anon
Reply
Ceesjan van Hattum
Esteemed Contributor

‎06-12-2002 05:13 AM

‎06-12-2002 05:13 AM

Re: Stopping Users Logging In

If your Ops-dept uses root-account for login, you might use .nologin in combination of /etc/securetty.
For securetty see http://www.tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap5sec41.html

Nevertheless, ops should NOT loggin as root..

Regards
Reply
Yogeeraj_1
Honored Contributor

‎06-12-2002 05:31 AM

‎06-12-2002 05:31 AM

Re: Stopping Users Logging In

Hello,

we do it in a much simpler way! ;)

All our end-users share the same home directory.

hence, we have a created a special .profile file that we name as "profilenoaccess" which we activate (save the old profile file to "profilegood" and copy "profilenoaccess" to ".profile" whenever we want to disable access.

the last lines of the profilenoaccess file contains the following lines:
---------------------------------------------
cat ./msg; read
exit;
---------------------------------------------

Thus,we put all required user information in the msg file. and as soon as the user logs in he/she gets the message...

simple and effective ;)

Hope this helps

best regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
Reply
Ceesjan van Hattum
Esteemed Contributor

‎06-12-2002 06:49 AM

‎06-12-2002 06:49 AM

Re: Stopping Users Logging In

One other way:
use automounter for a shared /home on all systems.
Your Ops-users and Admin-users should have there home in /home2 (or something).
In time of maintance, disable automounter (no daemons or change /etc/auto.master, and their $HOME will not be found.

Regards,
Ceesjan
0 Kudos
Reply
Nick Wickens
Respected Contributor

‎06-12-2002 07:39 AM

‎06-12-2002 07:39 AM

Re: Stopping Users Logging In

I wanted to ensure that users only login with the number of sessions I determine is acceptable for them and did this by adding that number into the username/comment field of the /etc/passwd entries. There profiles then check the passwd and current logins before letting them in. The by-product of this is that I can now , using vipw of course, quickly drop (even by department as we record this in passwd) access down to zero if necessary.

Hats ? We don't need no stinkin' hats !!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.