[Next] [Previous] [Up] [Top] [Contents]

CHAPTER 14 Administration Tool & Solstice Adminsuite

14.4 The Distributed System Administration Daemon

The distributed system administration daemon, admind (SunOS 5.4 and below), or sadmind (SunOS 5.5 and above), accepts requests for the services preformed by admintool or solstice, respectively, on the network. The admind or sadmind daemon is started automatically by inetd whenever a request is received, or it can be started on the command line. Before the request is acted upon the daemon must authenticate the client to the server. Once the client identity is verified the daemon uses this identity to allow authorization. The default security level for admind is SYS. You can use the more secure DES level by specifying the option, -S 2, when invoking the daemon, after first making sure that all servers in the domain are properly set up to use DES security.

User and group identities are used for authorization as:

root ID allows root privileges only on the local system. Root requests from a remote client are changed to user nobody. Root on the server is allowed to function as root.

user ID ordinary users can retrieve information, but cannot modify it.

sysadmin group member admintool or solstice permission is granted to users who are members of this group on the system where the task is to be performed.

Unix System Administration - 8 AUG 1996
[Next] [Previous] [Up] [Top] [Contents]