Skip to main content

7.2 Setting a User Account and Password


7.2 Setting a User Account and Password
Set a user account and password appropriate to the use environment, and assign a user privilege to the user account. Be sure to register at least one user account having the platadm and useradm user privileges.
  1. Execute the adduser command to add a user account.
    The following example specifies jsmith for the user account name. If -u is not specified, the UID is automatically assigned.
XSCF> adduser jsmith
  1. The following example adds a user account with a UID specified.
XSCF> adduser -u 359 jsmith
  1. Execute the password command, and specify a password.
XSCF> password jsmith
Password:
Retype new password:
passwd: password updated successfully
XSCF>
Note - A user with the useradm privilege can set the password for another specified user account regardless of the value specified in the setpasswordpolicy(8) command.
  1. The following example specifies 60 days for the expiration time and 15 days ahead for the start date for warnings before the password expires.
XSCF> password -M 60 -w 15 jsmith
  1. Execute the setprivileges command to assign a user privilege to the user account.
    The setprivileges command can set the following as user privileges for the entire system.
Table 7-3  User privileges
User privilege Overview Description of privilege
platadm Manage the whole system.
- Can perform all hardware operations for the system.

- Can manipulate all XSCF settings except those requiring the useradm and XSCF audit privileges.

- Can add/delete hardware in a PPAR.

- Can perform power operations for a physical partition.

- Can refer to all of the status of the server.

useradm Manage user accounts.
- Can create, delete, enable, and disable user accounts.

- Can change user passwords and password profiles.

- Can change user privileges.

auditop Refer to the audit status. Can refer to the XSCF audit status and audit methods.
auditadm Control auditing.
- Can control XSCF auditing.

- Can delete XSCF audit methods.
fieldeng Allow use by field engineers. Permits field engineers to only be able to perform maintenance work and change device configurations.
  1. The following example specifies useradm and platadm for the user account.
XSCF> setprivileges jsmith useradm platadm
Note - The setprivileges command assigns the user privilege of the specified operand.
To add a new user privilege to a user account already assigned a user privilege, specify the existing user privilege too.
  1. Execute the showuser command to check information on a created user account.
XSCF> showuser -l
User Name: jsmith
UID: 359
Status: Enabled
Minimum: 0
Maximum: 60
Warning: 15
Inactive: -1
Last Change: May 22, 2013
Password Expires: Jul 21, 2013
Password Inactive: Never
Account Expires: Never
Privileges: useradm
platadm
Note - Considering maintenance work, be sure to prepare a field engineer (FE) user account that has the fieldeng user privilege.
We recommend that the system administrator create accounts with the platadm, useradm, auditadm, and fieldeng user privileges.