Valid on UNIX
The secompas utility compares passwords in the CA ControlMinder database with the passwords in the UNIX password file.
For each user in the CA ControlMinder database, the utility outputs one line that contains the user name and a message indicating whether the user is not defined in UNIX, whether the user has no password in CA ControlMinder, or whether the passwords match. The utility also displays the total number of users it compared and the number of users whose passwords do not match. It only adds to this total when the password exists in both environments and it is not the same. If a user is not defined in an environment, or the password is missing from an environment, secompas does not add to the counter of unmatched passwords.
To compare passwords, the secompas utility uses the /etc/passwd file, the shadow password files, and NIS/NIS+ password maps.
Note: You must have the ADMIN attribute to use this utility.
This command has the following format:
secompas [-db] [-ok] [-ux]
Specifies not to display users that do not have a password in the CA ControlMinder database.
Displays the help for this utility.
Specifies not to display users that have the same password in the CA ControlMinder database and UNIX (password match).
Specifies not to display users that do not exist in UNIX.
Example: Utility output
This example shows sample output from the utility:
Checking root : No password in Access Control database. Checking tst_001 : Undefined in UNIX. Checking tst_002 : No password in UNIX password file Checking tst_003 : *** PASSWORDS DO NOT MATCH. *** Checking tst_004 : *** NO MATCH ‑ UNIX DISABLED *** Checking tst_005 : OK Total of 6 users found in database. 2 unmatched password(s) found. (1 UNIX DISABLED).
The following explains each line in the preceding output:
Checking root : No password in Access Control database.
Either the user root is not defined in the CA ControlMinder database or the user is defined in the database but does not have a password in it.
Checking tst_001 : Undefined in UNIX.
The user tst_001 is defined in the CA ControlMinder database but not in UNIX.
Checking tst_002 : No password in UNIX password file
The user tst_002 is defined in UNIX but does not have a password.
Checking tst_003 : *** PASSWORDS DO NOT MATCH. ***
The CA ControlMinder password does not match the UNIX password of the user tst_003.
Checking tst_004 : *** NO MATCH ‑ UNIX DISABLED ***
The tst_004 user account was disabled in the UNIX environment. secompas identifies a disabled user account by the asterisk (*) in front of the password in the /etc/passwd file.
Checking tst_005 : OK
The CA ControlMinder password matches the UNIX password of the user tst_005.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|