[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]

System Management Guide: Operating System and Devices


Chapter 4. Users and Groups

This chapter contains procedures for managing users and groups. Also included in this chapter is information on setting up the environment for authenticating a user (see Setting Up the Disk Quota System). See Disk Quota System Overview section in the AIX 5L Version 5.1 System Management Concepts: Operating System and Devices for an overview on this topic.

Perform the following tasks to manage users and groups. You must have root authority to perform many of these tasks.

Managing Users and Groups Tasks
Task SMIT Fast Path Command or File
Add a User smit mkuser  
Set Initial Login Shell for a User1 Environment smit chuser chsh UserName
Set Login Attributes for a User smit login_user  
Change/Show Login Attributes for a Port smit login_port  
Assign or Change a User's Password smit passwd passwd
Change User's Password Attributes smit passwdattrs  
Manage Authentication Methods for a New User smit mkuser /etc/security/users
Manage Authentication Methods for an Existing User smit chuser /etc/security/users
Establish Default Attributes for New Users   Use chsec command to edit /usr/lib/security/mkuser.default
Change User Attributes smit chuser  
Lock a User's Account smit chuser chuser account_locked=true AccountName
Unlock a User's Account smit chuser chuser account_locked=false AccountName
List Attributes for All Users smit lsuser  
List All Attributes for a Specific User smit chuser lsuser UserName
List Specific Attributes for a Specific User   lsuser -a Attributes User
List Specific Attributes for All Users   lsuser -a Attributes ALL
Remove a User2 smit rmuser  
Turn Off/On Access for Users3 smit chuser chuser login=no (or yes) UserName
Add a Group smit mkgroup  
Change Group Attributes smit chgroup  
List Groups smit lsgroup  
List Specific Attributes for All Groups   lsgroup -a Attributes | pg
List All Attributes for a Specific Group   lsgroup system
List Specific Attributes for a Specific Group   lsgroup -a Attributes Group
Remove a Group4 smit rmgroup lsgroup -a Attributes Group

Notes:
  1. The shell you specify must be defined in the usw stanza of the /etc/security/login.cfg file.
  2. You must remove information in other subsystems before removing a user, because the cron and at utilities both allow users to request programs to be run at a future date. Use the crontab command to remove a user's cron jobs. You can examine a user's at jobs with the atq command, then remove the jobs with the atrm command.
  3. In general, this procedure is not suggested for systems using NIS. This procedure does not work at all for NIS clients and it works on NIS master servers only for users logging into the master server.
  4. This procedure removes a group and all of its attributes from your network, but it does not remove all of the users in the group from the system. Also, if the group you want to remove is the primary group for any user, you must reassign that user to another primary group before removing the user's original primary group.


[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]