Use a non-root account with PowerRecon

  • Document ID:7920898
  • Creation Date:30-Mar-2007
  • Modified Date:24-Oct-2013
    • Micro Focus Products:
      PlateSpin Forge

Environment

Applies to:  Recon 3.0 and higher

Situation

This article provides instructions on how to use a non-root account with PowerRecon when using a supported Linux source server or a VMware ESX/VMware Infrastructure Server.

Resolution

PowerRecon v2.5 and higher now includes the abitility to use a non-root account.  In order to use a non-root or "sudo" account with PowerRecon, the following steps are required:

  1. Create the new user account:


    For supported Linux servers or VMware ESX Server type the following command:

    useradd -G wheel -m -d /home/psuser psuser    ->   where psuser is the name of the new user account

    After creating the new user account, set a password by typing the following command:

    passwd psuser



    For supported Solaris servers type the following command:

    useradd -G wheel -m -d /export/home/psuser psuser   ->  where psuser is the name of the new user account

    After creating the new user account, set a password by typing the following command:

    passwd psuser


  2. Add the new user account to the sudoers file to allow the user to run the "sudo" command.  As root type:

    visudo         

    NOTE:  For Solaris, users will need to download the sudo package and install it. By default, visudo is installed under /usr/local/sbin and sudo is installed under /usr/local/bin.  Users will also need to ensure that the /usr/local/bin is set in the PATH statement.  Failure to set the PATH can result in the error even if the sudo package has been already installed on the Solaris server:

    "System.Exception: sh: sudo: not found" 



    After issuing the visudo command, the following will be displayed (necessary additions/changes are bold in red):

    Linux/Solaris Sample Sudoers file:

    # sudoers file.
    #
    # This file MUST be edited with the 'visudo' command as root.
    #
    # See the sudoers man page for the details on how to write a sudoers file.
    #

    # Host alias specification

    # User alias specification

    # Cmnd alias specification

    # Defaults specification

    # User privilege specification
    root    ALL=(ALL) ALL
    psuser    ALL=(ALL) ALL    ------>  ADDING THIS LINE WILL ALLOW THE NEW USER TO RUN SUDO

    # Uncomment to allow people in group wheel to run all commands
    # %wheel        ALL=(ALL) ALL  ------>  UNCOMMENT THIS LINE TO ALLOW WHEEL GROUP MEMBERS TO RUN SUDO

    # Same thing without a password
    # %wheel        ALL=(ALL)       NOPASSWD: ALL

    NOTE: When modifying the sudoers file please make sure there are no spaces before or after the "=" signs as this will cause failures to occur during the inventory/monitoring process.

    VMware ESX Server Sample Sudoers file:


    #sudoers file.
    #
    #This file MUST be edited with the 'visudo' command as root.
    #
    #See the sudoers man page for the details on how to write a sudoers file.
    #

    #Host alias specification

    #User alias specification

    #Cmnd alias specification

    #User privilege specification
    root    ALL=(ALL) ALL
    psuser    ALL=(ALL) ALL    ------>  ADDING THIS LINE WILL ALLOW THE NEW USER TO RUN SUDO


  3. Discover the Linux server or the VMware ESX Server using the new user account