Office of Information Technology Boston University
System Support
About Getting Started News Contact
Administration Tools Administration Tools Software
Network Installations
Hostname/IP Issues
BU Linux
Solaris
SGI
Application Server
Patches
Sun Patches
Automate Sun Patches
SGI
Media Loans
Backups
Global Compliance
UID System Guide
Install
Configure
Use
Commands
Security
Links
FAQ

UID System Guide

Introduction
In order to coordinate the creation of unique user names and numeric user IDs (UIDs) on Boston University UNIX systems, the University implemented a global UID system, under which user names and UIDs are allocated from a central server.

The UserAdm tools are your interface to the global UID system. They ease the task of creating new accounts, checking for "dead" accounts, and making sure that only authorized users have accounts on your system.

Why Use A Global UID Database?
A global UID systems brings several advantages to our computing environment:

  • The centralized database helps prevent outdated or unauthorized accounts by comparing database entries to the registrar's data.
  • The database makes backups interchangeable between systems. File ownership is UID based, thus when each user has a UID that is unique across the University, files can be restored onto any system without creating conflicts. Global UID compliance is mandatory for systems taking advantage of IT Operations' centralized backups.
  • A centralized server allows the creation of an online directory service (the 'ph' system).
  • Global UIDS make it possible to mount NFS filesystems across administrative boundaries. Since NFS software recognizes UIDs rather than usernames, UIDs can be associated with varied usernames without threatening shared filesystems.

Global UID Basics
Each member of the Boston University community has an entry in the central database server. Registered BU students, faculty, and staff have this entry created automatically. Other users (e.g., visiting professors) must have this entry created in the central database via the pre-approve program.

The central database entry does not represent an account on any particular system, but is a precursor to creating one. The database lacks the following information which is necessary to create an account on a specific system:

group(s)
home directory
shell

This information is created on a local system through the UserAdm tools. A user wishing to have an account on a particular machine must run new on that machine and then have the account approved by the system administrator.

This document will discuss how you, as a system administrator, can obtain, install, configure, and use the UserAdm tools to make your life easier and your system more secure.

next

 
November 18, 2002
Office of Information Technology
Boston University