Solved

AIX 5.3 - What does admin=true means?

Posted on 2009-07-03
4
1,718 Views
Last Modified: 2013-12-04
Hi

I am not that clear about what kind of user is the one with this setting: admin=true. Per IBM reference
"The user is an administrator. Only the root user can change the attributes of users defined as administrators. "

However, I've also seen on other sites that it means that only root can change the password of this user.

So my question is, does the user with admin=true have full (administrator) access to the system or is just a restriction on who can change the user password?

Any thoughts would be appreciated.

Thanks!
0
Comment
Question by:ralmada
  • 2
  • 2
4 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 24773284

Hi,
this flag applies to users and groups.

Normally, user attributes can be changed by root and the members of the security group (gid = 7).
With the admin flag set to true, only root can change such attributes.

For groups, you can have group admins. These users normally can change the attributes (and list of members) of the groups they are admins for, unless the admin flag of the group is set to true, which means, like for users above, that only root can do such changes.
 
That's all. admin=true doesn't have other effects than the ones I wrote above. Particularly, it doesn't give the affected user or group any privileges.

Using your words: " [It] is just a restriction on who can change the user password..."
 
wmp
0
 
LVL 41

Author Comment

by:ralmada
ID: 24773505
Thanks wmp.
One follow up question then. How can I determine if an user is an administrator or not? What command should I execute?
Sorry I'm a newbie in AIX.
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 24773806
No reason to be sorry.  I'm always pleased to be able to help.

"... is an admin ..."  is not quite correct. You should have said "... whose account is under admin restriction ..."
The appropriate command would be:

lsuser -a admin username

Output could be

username admin=true     (or false, of course)

Instead of username you can also use ALL (uppercase) to list all users.

The command for group is (you guess it):

lsgroup -a admin groupname

Please have a look at this EE case, where I explain 'lsuser' in detail:

http://www.experts-exchange.com/OS/Unix/AIX/Q_24519566.html

More questions? You're welcome!

wmp





0
 
LVL 41

Author Closing Comment

by:ralmada
ID: 31599609
Thanks so much! You've been very helpful
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now