10-09-2007
Firstly have a look at the CERT UNIX security checklist, which will list a number of measures that would be expected of any system.
In addition to these you should read up on the "two man rule" and similar security techniques. In paticular you must be careful of SOX requirements if the system will be US based.
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
We recently had an accidental delete from /. I hold the root password but others are allowed to sudo over to root to perform admin tasks. The only way I want to permit deletion from / is by physically being root (su -).
I'd like to add a line to the sudoers file which would permit all commands... (1 Reply)
Discussion started by: scottsl
1 Replies
2. UNIX for Dummies Questions & Answers
Is there a way to easily change an account to be a non login account (NP in the shadow) file?
I know I can just edit the file but that is not what we want to do. We use access control software and want to provide a way to set an account to be non-login using simple commands that can be mapped... (0 Replies)
Discussion started by: LordJezo
0 Replies
3. UNIX for Dummies Questions & Answers
I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired.
I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Discussion started by: stringzz
1 Replies
4. Linux
Hi ,
I am faceing lot of problem due to "disk space is not enough".
senerio is like as,
In system has 5 account.
a,b,c,d,e
say account c if very critical.
Due to other user's data, user 'c' is faceing disk space issue.
I want to dedicate 3 GB for user 'c'.
No user... (1 Reply)
Discussion started by: ashokd009
1 Replies
5. Linux
Hi Techs,
Please guide me the answer with the explanation.
Q1) What is the uid of an individual account which can access ftp/http?
Thanks in advance to all. (3 Replies)
Discussion started by: ajazshariff
3 Replies
6. Solaris
Hi Unix Gurus .
I have requirement where in which - I would like create duplicate root equivalent account with all the privileges equal to root. Is it possible to create this duplicate account with different UID. ?
this id i would like give it to my teams - who does multiple activities using... (2 Replies)
Discussion started by: johnavery50
2 Replies
7. Forum Support Area for Unregistered Users & Account Problems
Hi there,
I may have had a typo in my email previously provided. I have doublechecked my email for Scott's reply but havent seen it, so I am creating a new post.
My new email can be either one of these: <removed> or <removed>
I beleive my old email was <removed by admin>
thanks for your... (1 Reply)
Discussion started by: AKelam_MagnusA
1 Replies
8. How to Post in the The UNIX and Linux Forums
I have made password less connection to my remote account. and i tried to execute commands at a time. but i am unable to execute the commands.
ssh $ACCOUNT_DETAILS@$HOST_DETAILS
cd ~/JEE/*/logs/ (1 Reply)
Discussion started by: kishored005
1 Replies
9. Windows & DOS: Issues & Discussions
Hello,
Does anyone know what happens to your skype account if you close the outlook.com email account which are linked together? As you know they are both owned by Microsoft.
Thanks (0 Replies)
Discussion started by: milhan
0 Replies
LEARN ABOUT OSF1
w2kusers.deny
w2kusers.deny(4) Kernel Interfaces Manual w2kusers.deny(4)
NAME
w2kusers.deny - Authentication file for Windows 2000 Single Sign On.
SYNOPSIS
# Comment account_name
DESCRIPTION
The w2kusers.deny is a text file containing a list of user account names. When an account is included in this file, the Windows 2000 Sin-
gle Sign-On software verifies only the UNIX authentication for the named account.
To add user accounts to the file, use a text editor to enter the user's UNIX account name. The following syntax rules apply to the
w2kusers.deny file: Only one user name can be entered on a line. The user name must exactly match a user name in the UNIX /etc/passwd
file. Comment lines begin with a pound sign (#).
EXAMPLES
The following example shows a typical w2kusers.deny file: # The following file lists account names that are not allowed to use # the Win-
dows 2000 authentication information when it is enabled. # Account names must match exactly the user account name in the # /etc/passwd
file. # # Syntax: account_1 # . # . # . # account_n # root nobody nobodyV daemon bin uucp
uucpa auth cron lp tcb adm ris wnn pop imap Peter Dave Beth Martha
FILES
Location of the file.
RELATED INFORMATION
Commands: ldapcd(8), lw2ksetup(8)
Files: etc/w2kusers.deny(4)
Windows 2000 Single Sign-OnInstallation and Administration Guide.
delim off delim off
w2kusers.deny(4)