SUMMARY: Username aliasing

From: Koef (koef_at_AtosOrigin.nl)
Date: 07/29/04

  • Next message: Ray Pasetes: "vxdmp help" 
    Date: Thu, 29 Jul 2004 17:52:11 +0200
To: sunmanagers@sunmanagers.org

    Original question below.

    Most people suggested two passwd file entries, that are identical except for
    the username field. Use a realname in the first, and the salary number in
    the second. This works for "ps", "top", "ls", etc. However, the wtmp entry
    is still created using the salary number, so "w", "who", "last" etc. fail.

    I ended up with hacking ssh so that I can put the salary number as the first
    string in the GECOS field in the password file and map that back to the
    realname.

    Some other points raised:
    - Solaris usernames cannot be numerical. Ok, I forgot to mention that our
      salary numbers consists of a two letter country code followed by 5 or 6
      digits.
    - Sysadmins should establish policies on their machines and nobody else.
      Do not try to fix political issues with technical workarounds.

    Thanks to all that responded. 

    -- 
Koef.
On Wed, Jul 28, 2004 at 11:19:50PM +0200, Koef wrote:
> I have a user that insists using his salary number as the login username on
> my machines. Besides not liking to treat people as numbers, I hate to see
> numeric usernames in "ps", "top", "who", logfiles, etc. so all my other
> users have "real" usernames.
> 
> Is it possible in Solaris that when this user logs in with openssh,
> his numeric username gets translated to a real username, that is in the
> first field of the password file, and he authenticates with public keys
> in his /home/realname/.ssh/authorized_keys?
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
  • Next message: Ray Pasetes: "vxdmp help"

    Relevant Pages

    • Re: NT4 Disallow multiple logins
      ... >> school and my client base comprises primarily of Students.) ... > specify access times and logon machines this ... > will allow the logon *only* in the defined time ... in 20 times by passing his username and password to 19 other students? ...
      (microsoft.public.security)
    • Re: how to pass nt password ?
      ... i logon in xp, run the service locally on xp1 local machine. ... reach out to other machines having similar services and check whether it is ... f) the logonuser fucntion requires username, ... > with the minimum credentials required to operate). ...
      (microsoft.public.dotnet.languages.vb)
    • Re: usernames and the @ symbol
      ... If the machines are in a domain, why not use domain users instead of local ... This posting is provided "AS IS" with no warranties, ... > username would have made it simple as the users would only have had to ... >> UPN. ...
      (microsoft.public.windowsxp.security_admin)
    • Re: Sharing folders on XP Pro
      ... passwords on both machines thereby giving access to a user ... username has the right permissions set. ... by right clicking on the folder, properties, etc. ...
      (microsoft.public.windowsxp.security_admin)
    • Re: Restrict User logon concurrently
      ... Kashif typed: ... own unique username & password. ... Edition) to logon to different machines at the same time. ... I want to restrict that so if User1 logs on to one ...
      (microsoft.public.windows.server.sbs)