Previous Topic: How uxconsole Discovers an Active Directory SiteNext Topic: uxpreinstall Utility—Check for System Compliance


UxImport Utility—Extract Information from the UNIX Operating System

Valid on UNIX

The uximport utility extracts information from the UNIX operating system about the defined users, groups, terminals, hosts, and TCP services. It extracts information from NIS, if it is installed, and the system is configured accordingly. It also provides DNS support. You should use uximport as part of the installation procedure.

uximport automatically processed the extracted information to generate selang commands that you can use to add users and groups to the CA ControlMinder database. The generated commands are printed to the standard output. Use redirection to a file, or pipeline to the selang utility.

This command has the following format:

UxImport switches [options]
‑a

Generates the selang commands required to import users, groups, and hosts, and to join users to their default groups.

‑c

Generates the selang commands required to explicitly join users to their default groups.

Note: If you also import groups with the ‑g switch, CA ControlMinder generates the commands that join users to the groups to which they are explicitly linked.

‑g

Generates the selang commands required to import groups from UNIX and NIS to the CA ControlMinder database.

‑h

Generates the selang commands required to import hosts from UNIX, NIS, and DNS to the CA ControlMinder database. uximport extracts host information from the file /etc/hosts and from NIS, and builds HOST resources. For each host entry in the file /etc/hosts or extracted from NIS, the appropriate newres command is built, and permission to receive any TCP service is assigned to that host.

In addition, DNS is supported with the ‑d option. In some machines, information from the file /etc/hosts and NIS is ignored if the specified DNS daemon is running. In Solaris, the information gathered depends on the configuration of the system in the file /etc/nsswitch.conf.

‑t

Generates the selang commands required to import terminal rules from UNIX and NIS to the CA ControlMinder database.

uximport extracts host information from the file /etc/hosts and from NIS, and builds TERMINAL resources. For each entry in the file /etc/hosts or extracted from NIS, the appropriate newres TERMINAL command is built and permission to log in from the terminal is granted.

In addition, DNS is supported with the ‑d option. In some machines information from the file /etc/hosts and NIS is ignored if the specified DNS daemon is running. In Solaris, the information gathered depends on the configuration of the system in the file /etc/nsswitch.conf.

‑T

Generates the selang commands required to import TCP services from UNIX and NIS to the CA ControlMinder database. The names are set according to GECOS in UNIX. The names are truncated to 40 characters if they are longer.

‑u

Generates the selang commands required to import users from UNIX and NIS to the CA ControlMinder database. The actual user names are set according to GECOS in UNIX. The names are truncated to 40 characters if they are longer.

options

‑d

Specifies the use of DNS for generating the list of hosts and terminals to import. Must be accompanied by the ‑h or ‑t switch.

‑f

Skips search for multiple occurrences of the same name. By not using the standard uximport processes, this option handles the importing of many users and groups speedily, and saves memory. The ‑f option does not apply to hosts; you should combine them with one or more of the following switches: ‑u, ‑g, or ‑a. Also, use one of these switches when including the ‑c switch in conjunction with the ‑f option.

Join and surrogate rules are printed along with create records.

‑G

Creates SURROGATE class rules for groups. uximport adds a record to the SURROGATE class for each group it defines, therefore making SURROGATE requests protected resources. It also adds rules so that root can surrogate to each of the groups.

‑gr n

Specifies the number of grace logins for all users, forcing users to change their passwords after n logins. This ensures that the PASSWD_L_C property in the USER record is updated.

‑o owner

Sets ownership rules for each record. We recommended that you use this option to prevent root from automatically becoming the owner of all the records. Owner is the name of the user or group to be assigned ownership of all records defined by uximport.

Note: You must specify this option as a separate argument followed by owner.

‑pr groupname

Assigns a profile group to users. If you specify this option, CA ControlMinder uses that group when building a user's profile; otherwise, it uses the primary UNIX group.

-r

Specifies to continue scanning after a failure.

‑s

Creates SURROGATE class rules for users and groups. The uximport function adds a SURROGATE record for every group it defines, thereby making SURROGATE requests to the group into protected resources.

‑U

Creates SURROGATE class rules for users. uximport adds a record to the SURROGATE class for each user it defines, therefore making SURROGATE requests into protected resources. It also adds rules so that root can surrogate to each of the users.

‑v

Displays the status of the program (verbose mode). We recommended that you use this option if your site has many users, groups, or hosts, so that you can verify the program's progress.

Example

The following command extracts all information of users, groups, and hosts from the UNIX and NIS databases. It then creates the selang commands that add those records to the database. uximport then creates SURROGATE class records and provides progress indication. Output is directed to the file uxinfo.seos in your home directory.

UxImport ‑a ‑s ‑v > ~/uxinfo.seos