Use a non-root account with PowerRecon

  • 7920898
  • 30-Mar-2007
  • 24-Oct-2013

Environment

Applies to:  Recon 3.0 and higher

Situation

This article provides instructions on how to use a non-root account with PowerRecon when using a supported Linux source server or a VMware ESX/VMware Infrastructure Server.

Resolution

PowerRecon v2.5 and higher now includes the abitility to use a non-root account.  In order to use a non-root or "sudo" account with PowerRecon, the following steps are required:

  1. Create the new user account:


    For supported Linux servers or VMware ESX Server type the following command:

    useradd -G wheel -m -d /home/psuser psuser    ->   where psuser is the name of the new user account

    After creating the new user account, set a password by typing the following command:

    passwd psuser



    For supported Solaris servers type the following command:

    useradd -G wheel -m -d /export/home/psuser psuser   ->  where psuser is the name of the new user account

    After creating the new user account, set a password by typing the following command:

    passwd psuser


  2. Add the new user account to the sudoers file to allow the user to run the "sudo" command.  As root type:

    visudo         

    NOTE:  For Solaris, users will need to download the sudo package and install it. By default, visudo is installed under /usr/local/sbin and sudo is installed under /usr/local/bin.  Users will also need to ensure that the /usr/local/bin is set in the PATH statement.  Failure to set the PATH can result in the error even if the sudo package has been already installed on the Solaris server:

    "System.Exception: sh: sudo: not found" 



    After issuing the visudo command, the following will be displayed (necessary additions/changes are bold in red):

    Linux/Solaris Sample Sudoers file:

    # sudoers file.
    #
    # This file MUST be edited with the 'visudo' command as root.
    #
    # See the sudoers man page for the details on how to write a sudoers file.
    #

    # Host alias specification

    # User alias specification

    # Cmnd alias specification

    # Defaults specification

    # User privilege specification
    root    ALL=(ALL) ALL
    psuser    ALL=(ALL) ALL    ------>  ADDING THIS LINE WILL ALLOW THE NEW USER TO RUN SUDO

    # Uncomment to allow people in group wheel to run all commands
    # %wheel        ALL=(ALL) ALL  ------>  UNCOMMENT THIS LINE TO ALLOW WHEEL GROUP MEMBERS TO RUN SUDO

    # Same thing without a password
    # %wheel        ALL=(ALL)       NOPASSWD: ALL

    NOTE: When modifying the sudoers file please make sure there are no spaces before or after the "=" signs as this will cause failures to occur during the inventory/monitoring process.

    VMware ESX Server Sample Sudoers file:


    #sudoers file.
    #
    #This file MUST be edited with the 'visudo' command as root.
    #
    #See the sudoers man page for the details on how to write a sudoers file.
    #

    #Host alias specification

    #User alias specification

    #Cmnd alias specification

    #User privilege specification
    root    ALL=(ALL) ALL
    psuser    ALL=(ALL) ALL    ------>  ADDING THIS LINE WILL ALLOW THE NEW USER TO RUN SUDO


  3. Discover the Linux server or the VMware ESX Server using the new user account

Feedback service temporarily unavailable. For content questions or problems, please contact Support.