HPE Community
Operating System - HP-UX
1851101 Members
1908 Online
104056 Solutions
New Discussion

Re: When we convert into trusted mode, how can we exclude one account?

 
morganelan
Trusted Contributor

‎10-12-2005 04:52 PM

‎10-12-2005 04:52 PM

When we convert into trusted mode, how can we exclude one account?

Hi Unix Gurus,
I want to ask may be we can exclude one or more account not be audited by trusted system?Can we give special treatment to one account on trusted system such as this account we treat never expired or expired every 6 months, and the rest follow the general rules, is it possible?Please advice Gurus, thanks in advance....
Kamal Mirdad
0 Kudos
6 REPLIES 6
RAC_1
Honored Contributor

‎10-12-2005 05:15 PM

‎10-12-2005 05:15 PM

Re: When we convert into trusted mode, how can we exclude one account?

You can. you can modify required setting for a user.
man modprpw and getprpw
man getprdef and modprdef
There is no substitute to HARDWORK
0 Kudos
Arunvijai_4
Honored Contributor

‎10-12-2005 05:18 PM

‎10-12-2005 05:18 PM

Re: When we convert into trusted mode, how can we exclude one account?

I dont think it is possible to exclude an account not to be audited in a trusted system.

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Darren Prior
Honored Contributor

‎10-12-2005 08:18 PM

‎10-12-2005 08:18 PM

Re: When we convert into trusted mode, how can we exclude one account?

Hi Morganelan,

You can use the audusr command to exclude a number of users from being audited.

In terms of giving special treatment to one account, there is a default file that covers all users on the system for password expiry, etc. However each user also has a file within /tcb that can be used to create a separate policy for that user. This is all controlled from within SAM.

regards,

Darren.
Calm down. It's only ones and zeros...
0 Kudos
morganelan
Trusted Contributor

‎10-12-2005 08:51 PM

‎10-12-2005 08:51 PM

Re: When we convert into trusted mode, how can we exclude one account?

Hi Daren Prior,
How to setup this special treatment from SAM?Could you give me the example?Thanks in advance.
Kamal Mirdad
0 Kudos
Joseph Loo
Honored Contributor

‎10-12-2005 09:45 PM

‎10-12-2005 09:45 PM

Re: When we convert into trusted mode, how can we exclude one account?

hi,

man audusr for more info.

# audusr
will show u a list of user whether audit or not.

# audusr -a
to audit the specified user

# audusr -A
audit all user

# audusr -d
do not audit specified user

# audusr -D
do not audit any user


thru SAM:
-> Auditing and Security -> Audited Users -> highlight Login Name of user(s) -> Actions -> "Audit User(s) or "Don't Audit User(s)"

regards
what you do not see does not mean you should not believe
0 Kudos
morganelan
Trusted Contributor

‎10-13-2005 07:46 PM

‎10-13-2005 07:46 PM

Re: When we convert into trusted mode, how can we exclude one account?

Thanks ....
Kamal Mirdad
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.