HPE Community
Operating System - HP-UX
1827293 Members
3596 Online
109717 Solutions
New Discussion

Trusted system going away in 11iv3 what are my options?

 
SOLVED
Go to solution
wvsa
Regular Advisor

‎01-07-2009 02:42 PM

‎01-07-2009 02:42 PM

Trusted system going away in 11iv3 what are my options?

Good afternoon all;

Getting familar with 11iv3 and noticed trusted system is not in HP's future. Wondering if anyone would care to share what they are doing in place of trusted system? Kind of need to move the passwords out of the password file doesn't look like shadow file is something we want to do in 11iv3.

Regarding auditing, one can turn on auditing with out converting the system to trusted in 11iv3 correct? Anyone out there using the auditing enhancements for 11iv3

Thank you in advance for your responses really do appreciate it.

Norm
0 Kudos
6 REPLIES 6
Patrick Wallek
Honored Contributor

‎01-07-2009 03:03 PM

‎01-07-2009 03:03 PM

Re: Trusted system going away in 11iv3 what are my options?

>>doesn't look like shadow file is something we want to do in 11iv3

Shadow passwords is the way HP is going.

The other option would be some sort of directory service like LDAP.
James R. Ferguson
Acclaimed Contributor

‎01-07-2009 03:25 PM

‎01-07-2009 03:25 PM

Solution

Re: Trusted system going away in 11iv3 what are my options?

Hi NOrm:

The Shadow password file only one piece of improved security and you don't need to wait until 11.31 to start.

Have a look at the Security Containment product offered for 11.23 and the Role-Based-Access-Control products (including the links in the overview) and :

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=AccessControl

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=AccessControl

http://docs.hp.com/en/5992-3387/index.html

Regards!

...JRF...
wvsa
Regular Advisor

‎01-08-2009 09:17 AM

‎01-08-2009 09:17 AM

Re: Trusted system going away in 11iv3 what are my options?

PAtrick & James;

Thank you for your response, we are going to use 11iv3 for our oracle DB so the info is helpful. I'm assuming I need to go and get the shadow file bits or is the shadow file functionality already on 11iv3?

James - unless I missed something your url's refer to 11iv2 and not 11iv3, so the question would it be prudent to use the tools you mentioned.


What about auditing are any of you using hp's auditing in 11iv3 if so would you mind sharing what your auditing, do you happen to use Tripwire

Thanks again for your responses.


Norm
0 Kudos
wvsa
Regular Advisor

‎01-08-2009 09:20 AM

‎01-08-2009 09:20 AM

Re: Trusted system going away in 11iv3 what are my options?

James;

Sorry about that do see your links reference 11iv3.

Norm
0 Kudos
dirk dierickx
Honored Contributor

‎01-08-2009 11:01 PM

‎01-08-2009 11:01 PM

Re: Trusted system going away in 11iv3 what are my options?

what is wrong with shadow files that you don't want to use this?
0 Kudos
Robert-Jan Goossens
Honored Contributor

‎01-09-2009 01:58 AM

‎01-09-2009 01:58 AM

Re: Trusted system going away in 11iv3 what are my options?

Hi Norm,

HP-UX Auditing and Security Attributes Configuration 11iv3

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SecConfig

HP-UX Auditing System Extensions 11v3

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=AuditExt

--
or is the shadow file functionality already on 11iv3?
--

Shadow passwords are in the base functionality of of 11iv3, have a look at below doc.

http://docs.hp.com/en/5992-3387/ch02s04.html

Regards,
Robert-Jan
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.