Quote:> I need to have a generic user name and
> password for my systems however I
> don't want users to use this user name
> and password to log in.
I believe I understand what you're asking. You don't want the
"special" account to login directly to the box. You want to force
users to su to that account - which is nice because it creates an
audit trail. Here is how we do it.
First, we make all user accounts use /bin/ksh as their default shell.
This means that when they login, the /etc/profile file is executed.
Second, we modify /etc/profile. If the user's shell is ksh, it
compares their login ID to a special file. This file is a list of
usernames which are NOT allowed to login directly. This file would
contain the name of your "special" account. If /etc/profile
determines that the "special" account is attempting to login directly
via telnet or SSH, it displays a warning message and kicks them off
the system.
This is fairly simple and crude, but it works suprisingly well. Let
me know if you'd like to see the shell code and I can e-mail it to
you.
I hope this helps.