[ Previous | Next | Contents | Glossary | Home | Search ]
AIX Version 4.3 System Management Guide: Operating System and Devices

Chapter 5. Managing Users and Groups

This chapter contains information on managing users and groups. Also included in this chapter is information on disk quotas and on setting up the environment for authenticating a user. For suggestions on how to improve the efficiency of managing users, see CPU-Efficient UserID Administration in Chapter 5 of AIX Versions 3.2 and 4 Performance Tuning Guide.

The following table lists tasks that are used for managing users and groups. You must have root authority to perform many of these tasks.

Managing Users and Groups Tasks
Web-based System Manager:    wsm users fast path
(Users application)

-OR-
Task SMIT Fast Path Command or File
Add a User smit mkuser  
Set Initial Login Shell for a User1 Environment smit chuser chsh UserName
Set Login Attributes for a User smit login_user  
Change/Show Login Attributes for a Port smit login_port  
Assign or Change a User's Password smit passwd passwd
Change User's Password Attributes smit passwdattrs  
Manage Authentication Methods for a New User smit mkuser /etc/security/users
Manage Authentication Methods for an Existing User smit chuser /etc/security/users
Establish Default Attributes for New Users   Use chsec command to edit /usr/lib/security/mkuser.default
Change User Attributes smit chuser  
Lock a User's Account smit chuser chuser account_locked=true AccountName
Unlock a User's Account smit chuser chuser account_locked=false AccountName
List Attributes for All Users smit lsuser  
List All Attributes for a Specific User smit chuser lsuser UserName
List Specific Attributes for a Specific User   lsuser -a Attributes User
List Specific Attributes for All Users   lsuser -a Attributes ALL
Remove a User2 smit rmuser  
Turn Off/On Access for Users3 smit chuser chuser login=no (or yes) UserName
Add a Group smit mkgroup  
Change Group Attributes smit chgroup  
List Groups smit lsgroup  
List Specific Attributes for All Groups   lsgroup -a Attributes | pg
List All Attributes for a Specific Group   lsgroup system
List Specific Attributes for a Specific Group   lsgroup -a Attributes Group
Remove a Group4 smit rmgroup lsgroup -a Attributes Group
Notes:
  1. The shell you specify must be defined in the usw stanza of the /etc/security/login.cfg file.
  2. You must remove information in other subsystems before removing a user, because the cron and at facilities both allow users to request programs to be run at a future date. Use the crontab command to remove a user's cron jobs. You can examine a user's at jobs with the atq command, then remove the jobs with the atrm command.
  3. In general, this procedure is not suggested for systems using NIS. This procedure will not work at all for NIS clients and it will work on NIS master servers only for users logging into the master server.
  4. This procedure removes a group and all of its attributes from your network, but it does not remove all of the users in the group from the system. Also, if the group you want to remove is the primary group for any user, you must reassign that user to another primary group before removing the user's original primary group.

[ Previous | Next | Contents | Glossary | Home | Search ]