Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Default system users
Operating Systems AIX Default system users Post 302221973 by lo-lp-kl on Tuesday 5th of August 2008 04:31:03 PM
Old 08-05-2008
Default system users
The principal reason its for security. that I want to lock this user account.

But I would to hear your opinions.


Thanks again
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

AIX Unix.. number of users on system in a particular group

Does anyone know what pipe string might be used to determine how many people are logged onto an AIX system where a group ID begins with lets say 4. In other words, I am looking to query the system for the number of people currently logged onto a system that belong to any group starting with 4.... (1 Reply)
Discussion started by: afiore
1 Replies

2. UNIX for Dummies Questions & Answers

Find users using system(List them only once)

Hey, got a few questions here for anyone who can help...... Command line to - display users using the system, but count them only once. Command line to - use the lastcomm command to display how many times ive used grep in october. Command line to - list all logged on users with at least 6... (3 Replies)
Discussion started by: xBuRnTx
3 Replies

3. Shell Programming and Scripting

How can i use system users in perl for login page

Hi, I want to code a script with perl. For this, I need some knowledge. How can i use system user name(with group) and password in my login page? I will be happy if you can help me (2 Replies)
Discussion started by: tahsinaltay
2 Replies

4. Shell Programming and Scripting

Bash Help: users who are not logged into the system to display

A Newbie here, I am working on a script and am having problems with the else part of the script. I can't get the users who are not logged into the system to display on the screen with their username and the text "The user is not logged in". I am sure it is something simple and stupid, but I... (5 Replies)
Discussion started by: rchirico
5 Replies

5. UNIX for Advanced & Expert Users

Best practices with AIX system users?

All, Preliminaries: AIX 5.2 Tivoli Maestro 6.1 (9.2) I am auditing an older AIX system. As it stands, I can login remotely to the system using the Maestro application's user account. This is BAD. The administrator claims that he cannot disable the remote login, because it will... (1 Reply)
Discussion started by: Thatto
1 Replies

6. Emergency UNIX and Linux Support

List of users on an AIX system

Is there a way to generate a list of users with name, user ID, and Security Group? It is urgent for audit purposes. Please help. (5 Replies)
Discussion started by: ggayathri
5 Replies

7. Homework & Coursework Questions

Find out the System users

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: I want to create a file called Allusers that contains the list of currently logged on users and the total number... (2 Replies)
Discussion started by: ahm2008
2 Replies

8. UNIX for Dummies Questions & Answers

List system users and..

Hello i need fast help... script which will list only human users from /etc/passwd and find out if they have something in home. Thanks (11 Replies)
Discussion started by: mentoscz
11 Replies

9. UNIX for Dummies Questions & Answers

Users logged into the system

So I'm trying to write a single line command So I have to use last first in this command and I've figured out the format my professor wants it in, something like thislast | cut -d' ' -f1,15 | sort > check | uniq -c.... and I never can get it right, when I just last command I get something... (2 Replies)
Discussion started by: DoubleAlpha
2 Replies

LEARN ABOUT OPENDARWIN

krb5_auth_rules

krb5_auth_rules(5)                                      Standards, Environments, and Macros                                     krb5_auth_rules(5)

NAME

       krb5_auth_rules - Overview of Kerberos V5 authorization

DESCRIPTION

       When  a  user  uses  kerberized  versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
       claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user  is  "who
       he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
       is permitted to access the Solaris user account that the client wants to access.

       Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file  should
       contain  a  Kerberos  principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
       the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.

       If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)).  If the  originating
       user's  Kerberos  V5  identity  is  in  the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
       client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
       the originating user is denied access.

       For  example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
       appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database  (see  passwd(4))  with  uid  23154,  then
       access to account jdb-user is granted.  Of course, normally, the target account name in this example would be jdb and not jdb-user.

       Finally,  if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
       be granted access to the account if and only if all of the following are true:

         o  The user part of the authenticated principal name is the same as the target account name specified by the client.

         o  The realm part of the client and server are the same.

         o  The target account name exists on the server.

       For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM,  then  even  if
       jdb  is  a  valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
       differ.

FILES

       ~/.k5login      Per user-account authorization file.

       /etc/passwd     System account file. This information may also be in a directory service. See passwd(4).

ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Interface Stability          |Evolving                     |
       +-----------------------------+-----------------------------+

SEE ALSO

       ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)

NOTES

       To avoid security problems, the ~/.k5login file must be owned by the remote user.

SunOS 5.10                                                          13 Apr 2004                                                 krb5_auth_rules(5)
All times are GMT -4. The time now is 12:05 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy