Summary: Prevent users from logging onto servers

From: Anchi Zhang (
Date: Thu Sep 01 1994 - 05:46:20 CDT

Many thanks to the following who responded: (Steve Ozoa) (Barry Margolin)
Jim Murray <>
james mularadelis <>
Jesse Adam <jaa@geog.GEOG.UCSB.EDU>
"Henry Katz" <>
"Reggie Beavers" <vjq09r4@shoes.Bell-Atl.Com>
bern@penthesilea.Uni-Trier.DE (Jochen Bern)
Claus Assmann <>
brobbins@Newbridge.COM (Bert Robbins) (Bill Nolf - Logicon)

An abbreviated version of the original question:

  Does there exist a simple way to prevent ordinary users from logging
  onto NFS/DB servers in an NIS environment?

Most suggested to replace +:*:0:0::: with +:*:0:0:::/bin/false
in servers' /etc/passwd and some recommended using netgroup to restrict
logins. I prefer the first solution because, once it is set up, nothing
has to be changed when users are added/deleted.

For it to work on Solaris 2:3 machines, however, the line

  passwd: files nis

in /etc/nsswitch.conf must be replaced by

  passwd: files compact

(713) 270-1727 Home
(713) 853-5464 Office

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:08 CDT