- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Script for non root user to reset passwords. Use...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-04-2012 10:28 AM
05-04-2012 10:28 AM
Script for non root user to reset passwords. Use UID 0? sudo? Or is there another way?
We want our help desk to be able to reset passwords in one of production UNIX servers and also reset password in the application on top of it. Help desk currently does not use UNIX or this application.... so teaching them restricted SAM or teaching them password screen in our application is not an option. .
I already have script that root can use to achieve this. but I do not want give root password to help desk personnel I have some ideas on how to achieve this. I can se up:
1) logins for each help desk personnel. Modify the script to use sudo. Put script in .profile?
2) a new user with UID 0. Put script in .profile. Have all help desk personnel use this login.
Which is a bettor and safer way? Or is there a better solution? I am leaning towards #1, but want to get some feedback for you guys on why I should or not do this.
Thanks again,
- Tags:
- Password reset
- sudo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-04-2012 11:49 PM
05-04-2012 11:49 PM
Re: Script for non root user to reset passwords. Use UID 0? sudo? Or is there another way?
Using sudo safer since you can lock in exactly what script to use.
For UID 0, you would have to make sure the user doesn't get out of your .profile script.
(A better way would be to change that user's shell to your script.)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2012 12:46 AM
05-06-2012 12:46 AM
Re: Script for non root user to reset passwords. Use UID 0? sudo? Or is there another way?
Hi,
As per my experience the best method is RBAC (Role based access control). Through RBAC you can assign privilage to normal users to execute root only allowed commands.It is the best and safer methods.
If audit service is enabled. You can track the executed commands.
Following url will provide you better understanding.
http://h21007.www2.hp.com/portal/download/files/unprot/hpux/RBACv1_HP-UX11i.pdf
Thanks and Regards,
Manoj K
Manoj K
- Tags:
- RBAC