HPE Community
Operating System - HP-UX
1830827 Members
2842 Online
110017 Solutions
New Discussion

Re: sync users on multiple HP boxes

 
Victor Mendham
Regular Advisor

‎11-05-2000 09:19 AM

‎11-05-2000 09:19 AM

sync users on multiple HP boxes

I have to sync users on HP boxes, so that they have the same GID and PID no matter which box they log into.

Is there a way to get a list of users with their PID and GID numbers so I can compare and then sync among the many boxes?
0 Kudos
Reply
5 REPLIES 5
James R. Ferguson
Acclaimed Contributor

‎11-05-2000 11:47 AM

‎11-05-2000 11:47 AM

Re: sync users on multiple HP boxes

Hi:

Keeping the UID (User ID) and the GID (Group ID) of your accounts the same on all your servers is a sound practice.

In the /etc/passwd file, the first field is the username; the second is the encrypted password; UID's are the third; and GID's are the fourth. Fields in /etc/passwd are delimited by colons (":").

The /etc/group file contains the name of the group as its first field. The third field is the GID for that name. The fields in /etc/group are also delimited by colons.

You can list both of these files by doing a "cat" or "more", like:

# more /etc/passwd
# more /etc/group

You can use SAM to change the UID of an account (user) in a round-about, but safe way. First create a new, temporary account. The name doesn't matter. Next, request the deletion of the old user account. SAM will ask you what you want to do with the files owned by the account you are deleting. Choose the option to "adopt" those files by the new temporary user. Then add back the "real" user with the original name, but specify the UID you want to use. Now delete the temporary account, transferring the files owned by it to the "real" account. You can do this repetetively.

Hopefully this helps.

...JRF...
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎11-05-2000 11:50 AM

‎11-05-2000 11:50 AM

Re: sync users on multiple HP boxes

Hi:

Keeping the UID (User ID) and the GID (Group ID) of your accounts the same on all your servers is a sound practice.

In the /etc/passwd file, the first field is the username; the second is the encrypted password; UID's are the third; and GID's are the fourth. Fields in /etc/passwd are delimited by colons (":").

The /etc/group file contains the name of the group as its first field. The third field is the GID for that name. The fields in /etc/group are also delimited by colons.

You can list both of these files by doing a "cat" or "more", like:

# more /etc/passwd
# more /etc/group

You can use SAM to change the UID of an account (user) in a round-about, but safe way. First create a new, temporary account. The name doesn't matter. Next, request the deletion of the old user account. SAM will ask you what you want to do with the files owned by the account you are deleting. Choose the option to "adopt" those files by the new temporary user. Then add back the "real" user with the original name, but specify the UID you want to use. Now delete the temporary account, transferring the files owned by it to the "real" account. You can do this repetetively.

Hopefully this helps.

...JRF...
0 Kudos
Reply
Dan Hetzel
Honored Contributor

‎11-06-2000 01:17 AM

‎11-06-2000 01:17 AM

Re: sync users on multiple HP boxes

This simple command would give you
a cleanly formatted list of user, userid
and gid on a system:

awk 'FS=":" {printf ("%-12s%6d%6dn",$1,$3,$4)}' < /etc/passwd

This will be a bit easier for human reading.


Dan

Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com
0 Kudos
Reply
Dan Hetzel
Honored Contributor

‎11-06-2000 01:19 AM

‎11-06-2000 01:19 AM

Re: sync users on multiple HP boxes

Hi again,

The backquote has been dropped at the end
of the format string - before the "n"
Command should read (hopefully)

awk 'FS=":" {printf ("%-12s%6d%6d\n",$1,$3,$4)}' < /etc/passwd



Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com
0 Kudos
Reply
Kevin Ernst
Regular Advisor

‎11-06-2000 07:49 AM

‎11-06-2000 07:49 AM

Re: sync users on multiple HP boxes

Is there any shame in using NIS/NIS+ to keep user accounts in sync? Or is NIS+ still so dreadfully insecure as to be unmentionable?

It's a small hurdle to get everything up and running initially, but a great investment in the long run, as it becomes a snap to add and maintain user accounts in the future. 'Installing and Administering NFS Services' (the HP system documentation, viewable at http://docs.hp.com under the 'Networking and Communications' section) made a handy reference while I was getting up to speed.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.