1.What is the significance of creating Groups and adding Users to Groups? Explain. It is important to put user in groups because it is easier manager there permissions. Instead of assigning permissions to a new user every time someone is hired, you would just add them to the groups they need. 2.Given a scenario where there are five (5) database administrators that may periodically need access to a given system. Discuss a concept to better manage these administrators' access permissions. You would add the 5 dba’s to group that would be assigned access to the system. 3.The new web administrator's account has been set up and a password provided. What is the process to force a password change upon first login?
You should type “su –c ‘ change –d 0 (users name)” 4.What is the purpose of the “su” command? Explain its significance.
The su command allows you to run commands a super user or better known as root. The is kind of like when windows ask you if you want to run this program as an administrator. Instead of it asking you are telling it you want to run the command as root. 5.Restricting the use of the 'su' command can be configured using what mechanism?
You would edit /etc/pam.d/su. And remove the # simbule meaning that now this group selected needs authentication to run the su command. 6.What is the purpose of the login.defs file? Explain the contents and configuration options?
Login .defs file , Allows you to change the password/ account requirements for each user. It contains how long a password could be used, the minimum days allowed between password changes, how long the password can be, and the number of days you will be warned before the password expires.
7.What is the PASS_MIN_DAYS setting? Why would it be a good idea to set the PASS_MIN_DAYS setting? The PASS_MIN_DAYS is the minimum number of days allowed before changing the password. They would be a good idea to change because you wouldn’t was a user to always changing the password then forgetting it because they are always changing it. 8.What is the PASS_MAX_DAYS setting? Why would it be a good idea to set the PASS_MAX_DAYS setting? The PASS_MAX_DAYS is the maximum number of days a password maybe used. They would be a good idea to change because you wouldn’t was a user to always use the same password. So by setting the you are forcing a user to reset there password. 9.Will changes to the commands /etc/login.defs settings (PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE) take effect to existing accounts?
10.Describe the password and account settings you would configure if you were told that there were a few contractors that needed accounts on the Linux system for the next 14 days.
The command you would run for a temp user would be su –c ‘change –e 2014-9-29 (username)