user administration
TRANSCRIPT
User Administration
1.User password Reset
Clearing the unsuccessful login count.
/usr/local/bin/sudo chsec –f /etc/security/lastlog -a "unsuccessful_login_count=0" –s username
Where,
-f File Specifies the name of the stanza file to modify. -a Attribute = Value Specifies the attribute to modify and the new value for that attribute. If you do not specify the value, the attribute is removed from the given stanza. -s Stanza Specifies the name of the stanza to modify.
To confirm the unsuccessful login count becomes zero,use
/usr/local/bin/sudo lsuser –f username
Where,
-f Displays the output in stanzas, with each stanza identified by a user name. Each Attribute=Value pair is listed on a separate line: user: attribute1=value attribute2=value attribute3=value
Setting the new password
/usr/local/bin/sudo passwd username
2.User needs recently used password,while setting same password getting below error3004-314 Password was recently used and is not valid for reuse.
/usr/local/bin/sudo chuser histexpire=0 username /usr/local/bin/sudo chuser histsize=0 username
3. Creating new user
Example: (testuser,primarygroup-dba,sec.group-cp,chris)
/usr/local/bin/sudo useradd -u 238 -d /home/testuser -g dba -G cp,chris -m -c "Testuser " -s /usr/bin/ksh testuser
Where,
-u uid Specifies the user ID.-d dir Identifies the home directory of the user specified by the login parameter. -g group Identifies the user's primary group. The group parameter must contain a valid group name and cannot be a null value. -G group1,group2,... Identifies the groups the user belongs to. The group1,group2,... parameter is a comma-separated list of group names.-m Makes user's home directory if it does not exist. The default is not to make the home directory.-c comment-s shell Defines the program run for the user at session initiation. The shell parameter is a full path name.
4.To change users primary group to DBA and add secondary groups finance and accounting, type: #chuser pgrp=dba groups=finance, accounting username
Where,
pgrp Identifies the user's primary group. The Value parameter must contain a valid group name and cannot be a null value.groups Identifies the groups the user belongs to. The Value parameter is a comma-separated list of group names.
5. Check password has been set for the user or not
more /etc/passwd |grep username
Note: Second field options( ! ,*)
Example:
sundarsu: ! :774:1:Suresh Sundaresan:/home/sundarsu:/usr/bin/ksh – Pwd setkaveti: * :775:1:Prashanth.Kaveti:/home/kaveti:/usr/bin/ksh –Pwd not set
6. To change ownership,
/usr/local/bin/sudo chown owner:group /mountpoint
Example:
/usr/local/bin/sudo chown oracle:dba /oracle/ora40
7. To disable/lock user account,
/usr/local/bin/sudo chuser account_locked=true username
To confirm,
/usr/local/bin/sudo lsuser –f username
8. To change comment/gecos of user.
sivarara@kaxdev02:/>passwd -f sivarara's current gecos: "Rajkumar.Sivaraman" Change (yes) or (no)? >
Devices:
1.lscfg - lists all installed devices
2.lscfg -v lists all installed devices in detail
3.lscfg -vl (device name) lists device details
Eg: sivarara@kaxdev02:/>lscfg -vl fcs0 fcs0 U7311.D20.103E18B-P1-C06-T1 FC Adapter
Part Number.................03N5029 EC Level....................A Serial Number...............1B621042F1 Manufacturer................001B Customer Card ID Number.....5759 FRU Number.................. 03N5029 Device Specific.(ZM)........3 Network Address.............10000000C95612DA
4.bootinfo -b reports last device the system booted from
Eg:sivarara@kaxdev02:/>/usr/local/bin/sudo bootinfo -bhdisk0
5.bootinfo -r reports amount of memory (/ by 1024)
Eg:sivarara@kaxdev02:/>/usr/local/bin/sudo bootinfo -r12582912
6.bootinfo -s (disk device) reports size of disk drive Eg:sivarara@kaxdev02:/>/usr/local/bin/sudo bootinfo -s hdisk073728
7.lsdev -C lists all customised devices ie installed Eg:sivarara@kaxdev02:/>lsdev -Cc diskhdisk0 Available Virtual SCSI Disk Drivehdisk1 Available Virtual SCSI Disk Drivehdisk2 Defined 02-08-02 EMC CLARiiON FCP RAID 5 Diskhdisk30 Available 02-08-02 HP HSV450 Enterprise Virtual Array
Where ,-C Lists information about a device that is in the Customized Devices object class. -c Class Specifies a device class name.
8.lsdev -P lists all pre-defined devices ie supported
Eg:sivarara@kaxdev02:/>lsdev -P -H|pgclass type subclass description
3dx 03000008 usbif USB 3D mousePCM ds4k-ui fcp DS3/4K PCM User InterfacePCM ds4k-ui friend Active/Passive Disk Path Control ModulePCM fcpother friend AIX SCSI/FCP Disk Path Control Module
Where,-P Lists information about a device that is in the Predefined Devices object class.-H Displays headers above the column output.
9.chdev –l hdisk1 –a pv=yes Changes an available disk to a physical volume(pvid)
Where,
-l Name Specifies the device logical name in the Customized Devices object class whose characteristics are to be changed.-a Attribute=Value Specifies the device attribute.
10.lsattr -EH -l (device) List detailed configuration for a deviceEg:$ /usr/local/bin/sudo lsattr -El sys0 | grep maxmaxbuf 20 Maximum number of pages in block I/O BUFFER CACHE Truemaxmbuf 0 Maximum Kbytes of real memory allowed for MBUFS Truemaxpout 0 HIGH water mark for pending write I/Os per file Truemaxuproc 256 Maximum number of PROCESSES allowed per user TrueWhere, -H Displays headers above the column output. -h Displays the command usage message. -l Name Specifies the device logical name in the Customized Devices object class whose attribute names or values you want displayed.
11.rmdev -l (device) Change device state from available to defined
12.rmdev -l (device) -d Delete the device
LVM
Volume groups :1.One or more physical volumes(PV) combined to have one VG.
2. One PV cannot be shared by two different VG’s.
3.Volume Groups are of 3 types,
i. Normal – 32 pv’s
ii. Big – 128 pv’s
iii.Scalable – 1024 pv’s.
create a volume group:mkvg:To create a volume group.
mkvg -y name_of_volume_group -s partition_size list_of_hard_disks
Eg-1:
mkvg -y datavg -s 64 hdisk2 hdisk3
Explanation:
In this a volume group is created with user defined name(datavg) with partition size of 64 megabytes with two physical volumes(pv) hdisk2 and hdisk3.
Eg-2:
Mkvg –s 32 –t 2 hdisk3
Explanation:
In this the volume group is created with system generated name(-y flag is not used),with physical partition size of 32mb and Max.PP per PV(-t flag is used) is twice the default(2*1016=2032).
Eg-3:
To create big VG.
Mkvg –B –y bigvg hdisk3 hdisk4
Explanation:
Here the Big (-B used )volume group is created ,which has the Max.PV’s upto 128PV .And physical partition size(-s flag not used) it takes default size as per HDD size.
Eg-4:
To create Scalable VG.
Mkvg –S –y scalablevg hdisk3 hdisk4
Explanation:
Here the Scalable (-S used )volume group is created ,which has the Max.PV’s upto 1024PV . .And physical partition size(-s flag not used) it takes default size as per HDD size.
lsvg :To list Volume Groups, Run the lsvg command on the volume group and look at the value for MAX PVs like 32,128,1024.
1. lsvg – To list volume group
2. lsvg datavg – To list particular volume group
3. lsvg –o – To list only active volume group
4. lsvg –p datavg –To list physical volumes in particular volume group
5. lsvg –l datavg – to list logical volumes in particular volume group
chvg:Use the following command to change the characteristics of a volume group:
Example:
To cause volume group vg03 to be automatically activated during system startup, type:
chvg -a y vg03
Extendvg:Used to extend or increase size of volume group by adding physical volumes.
Extendvg –f datavg hdisk5
Explanation:
Using extendvg command ,we are increasing the size of already existing volume group dynamically. If HDD size varies,it is not an issue.(-f flag is used for force ).
Reducevg: Used to reduce or decrease size of volume group by removing physical volumes.
Reducevg –d –f datavg hdisk4
Explanation:
Using reducevg command ,we are decereasing the size of already existing volume group dynamically. (-f flag is used for force ).
-d Deallocates the existing logical volume partitions and then deletes resultant empty logical volumes from the specified physical volumes. User confirmation is required unless the -f
Logical volumes:1.Logical volume is group of logical partition which may span physical volumes.
2.Logical volume can be dynamically extended.
3.Logical partitions are mapped one-to-one with physical partitions unless its mapped.
Mklv:mklv is used to create a logical volume.
Type the following:
mklv -y name_of_logical_volume name_of_volume_group number_of_partition
Eg-1:
Mklv –y newlv datavg 2
Explanation:
To make a logical volume in volume group datavg with 2 logical partition of the data.
Eg-2:
mklv -u 3 -S 64K vg05 12
Explanation:
To make a striped logical volume in vg05 with a strip size of 64K across 3 physical volumes and 12 logical partitions.
Lslv:List information about logical volumes.
Lslv lv02
Extendlv:Used to increase the size of the logical volume.
Eg-1:
extendlv lv05 3
Explanation:
To increase the size of the logical volume represented by the lv05 directory by three logical partitions.
Eg-2:
Chlv –x 1000 lv01
Explanation:
To increase size of logical volume in volume group.
Reducelv :To reducelv ,we have to take backup of existing lv,delete it and create new lv with new size and restore it.
Rmlv:To remove logical volume.
Rmlv lv07
File Systems:1.It is a method of storing data on logical volumes.
2. Four types,
a.JFS(Minimum PP size is 4MB)
b.JFS2(Minimum PP size is 16MB)
c.NFS
d.CDRFS
crfs:Used to create file system.
Eg-1:
crfs -v jfs -g testvg -a size=10M -m /fs1
Explanation:
In this a File system will create, within volume group testvg, a jfs file system of 10MB with mounting point /fs1
Eg-2:
crfs -v jfs2 -g testvg -a size=5G -m /fs1 –A yes
Explanation:
In this a File system will create, within volume group testvg, a jfs2 file system of 5GB with mounting point /fs1 with Auto mount (-A flag)which automatically mount file system when system restarts.
Mount:Command is used to mount created file system manually.
Mount /dev/fs1
Umount /dev/fs1 – to unmount file system.
Chfs:
To increase or decrease the size of file system.
Eg-1:
chfs -a size=1000000 /test
To set the /test file system size to 1000000.
Eg-2:
chfs -a size=+1000000 /usr
To increase the /usr file system size by 1000000. Eg-3:
chfs -d size=-2G /test
To decrease the /test file system size by 2GB. Rmfs:To remove a file system.
Rmfs /test
Refering to KM 4176:
Extend FS/VG:
1) Verify if the LV (VG) requested to extend is having free space.a) List the VG configured.
Note :If the VG is having space to extend, then go to step no- 9 to extend File system
Example:-
$ lsvgrootvgTSMDBTSMSTGTSTATA
b) To see the VG details.
$ lsvg TSMDB
VOLUME GROUP: TSMDB VG IDENTIFIER: 000abd160000d70000000126568628a2VG STATE: active PP SIZE: 256 megabyte(s)VG PERMISSION: read/write TOTAL PPs: 1198 (306688 megabytes)MAX LVs: 256 FREE PPs: 92 (23552 megabytes)LVs: 5 USED PPs: 1106 (283136 megabytes)OPEN LVs: 5 QUORUM: 2 (Enabled)TOTAL PVs: 2 VG DESCRIPTORS: 3STALE PVs: 0 STALE PPs: 0
ACTIVE PVs: 2 AUTO ON: yesMAX PPs per VG: 32512MAX PPs per PV: 1016 MAX PVs: 32LTG size (Dynamic): 1024 kilobyte(s) AUTO SYNC: noHOT SPARE: no BB POLICY: relocatable
See PP size and FREE PPS - > PP Size*FREE PP / 1024 - > Here, 256*92/1024 = 23 ( This is VG is having 23 GB available space)If the requested size to extend FS is more than the avaibale size, then raise a case with storage team requesting new luns. See KM : 1014Once the Luns are assigned SA will get an e-mail from storage with device ID details.Example :- Added a 34gb lun, dev 185, to the listed hba's.
Note :If the VG is having space to extend, then go to step no- 9
ADD disk to VG
2.Discover the luns.
$ cfgmgr
3.Identify the newly added disk by using LUN ID?
$ powermt display dev=all | grep -ip <Device ID>
Example: -$powermt display dev=all | grep -ip 185
Pseudo name=hdiskpower5
CLARiiON ID=APM00091900487 [kenabkp001p]Logical device ID=600601607332260022C5B5645879DF11 [LUN 185]state=alive; policy=CLAROpt; priority=0; queued-IOs=0Owner: default=SP B, current=SP A Array failover mode: 3
4.Check the size of newly added luns
$ bootinfo -s (disk Name)
Example:- $ bootinfo hdiskpower551200
5.Set the PV Id for the newly assigned disk.
$chdev -l (diskname) -a pv=yes
6.Check if the PV id is set to one disk.
$ lspv
hdiskpower4 none Nonehdisk22 none None
hdisk23 none Nonehdisk24 none Nonehdisk25 none Nonehdiskpower5 000abd166473c321 TSMDB active
7.Add the disk to existing volume group
$extendvg <vgname> <diskname>
Example :-$extendvg TSMDB hdiskpower5
8. Check if the disk is added to volume group
$ lsvg -p TSMDBTSMDB:PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTIONhdiskpower0 active 999 0 00..00..00..00..00hdiskpower5 active 199 92 12..00..00..40..40
9.Extending the file system as requested, here we are extending 20GB of /ut01
$chfs -a size=+<Size>G <Mount Point>
Example : chfs -a size=+20G /ut01
In Some case,
When trying to increase filesystem size ,some times we are getting errors like extendlv. Maximum number of LPs for the logical volume has been exceeded - must increase the allocation
Steps for Extending maximum LP in logical volume:
1. Checking the filesystem which needs additional space.
$ df -g /u02Filesystem GB blocks Free %Used Iused %Iused Mounted on/dev/vg2lvol1 31.06 4.73 85% 23 1% /u02
2. When trying to increase filesystem size ,some times we are getting errors like extendlv. Maximum number of LPs for the logical volume has been exceeded - must increase the allocation
$ /usr/local/bin/sudo chfs -a size=+35G /u020516-787 extendlv: Maximum allocation for logical volume vg2lvol1 is 2048.
3. Check that logical volume,Maximum LP's and Used LP's using lslv command.
$ lslv vg2lvol1LOGICAL VOLUME: vg2lvol1 VOLUME GROUP: max11vg2LV IDENTIFIER: 0009fa0f00004c0000000105ee23775c.1 PERMISSION: read/writeVG STATE: active/complete LV STATE: opened/syncdTYPE: jfs2 WRITE VERIFY: offMAX LPs: 2048 PP SIZE: 16 megabyte(s)COPIES: 1 SCHED POLICY: parallelLPs: 1988 PPs: 1988STALE PPs: 0 BB POLICY: non-relocatableINTER-POLICY: maximum RELOCATABLE: yesINTRA-POLICY: middle UPPER BOUND: 32MOUNT POINT: /u02 LABEL: /u02MIRROR WRITE CONSISTENCY: on/ACTIVEEACH LP COPY ON A SEPARATE PV ?: yesSerialize IO ?: NO
Note:(2048-1988=50LP)Which is not sufficient for 35GB space. To calculate the number of LPs needed = LV Size in MB / LP size in MB
$ bc35*1024/1622402240+2048 (Adding the new space with the existing space)4288Quit
4. Command to extend logical partitions in logical volume.
$ /usr/local/bin/sudo chlv -x 4288 vg2lvol1
5. Checking the logical volume,And increase in maximum LP's.Number of LP's in vg2lvol1 LV is increased.
$ lslv vg2lvol1LOGICAL VOLUME: vg2lvol1 VOLUME GROUP: max11vg2LV IDENTIFIER: 0009fa0f00004c0000000105ee23775c.1 PERMISSION: read/writeVG STATE: active/complete LV STATE: opened/syncdTYPE: jfs2 WRITE VERIFY: offMAX LPs: 4288 PP SIZE: 16 megabyte(s)COPIES: 1 SCHED POLICY: parallelLPs: 1988 PPs: 1988STALE PPs: 0 BB POLICY: non-relocatableINTER-POLICY: maximum RELOCATABLE: yesINTRA-POLICY: middle UPPER BOUND: 32
MOUNT POINT: /u02 LABEL: /u02MIRROR WRITE CONSISTENCY: on/ACTIVEEACH LP COPY ON A SEPARATE PV ?: yesSerialize IO ?: NO
6. Again trying to increase the size of filesystem.Now able to increase
$ /usr/local/bin/sudo chfs -a size=+35G /u02Filesystem size changed to 138543104
7.Checking the filesystem for increase in free space.
$ df -g /u02Filesystem GB blocks Free %Used Iused %Iused Mounted on/dev/vg2lvol1 66.06 39.72 40% 23 1% /u02
Create New LV and mount Point:
1.Check if the VG is having free space to create LV, if not raise case with storage for space- refer KM 10142.Create LV using mklv command
#mklv -y <LV_NAME> <VG_NAME> <# of LP>
Where # of LP is derived from PP size of the VG, for example if the request is to create 15GB then LP = 15*1024/PP size of VG
Example:- (Create LV - vg1lv5 in VG max10vg1 of size 15GB) $ lsvg max10vg1 | grep "PP SIZE"VG STATE: active PP SIZE: 16 megabyte(s)
Hence,LP is 15*1024/16 = 960 LPS
#mklv -y vg1lvo5 max10vg1 960(960*16/1024 = 15GB) 2.Make filesystem, create the mountpoint and updates to /etc/filesystems #crfs -v jfs/jfs2 -d <LV_NAME> -m /<MOUNTPOINT> -A yes
Where, jfs/jfs2 - check the existing lv's in the VG(lsvg -l vgname) for fstype and - A = auto mount to yes.
Ex:-crfs -v jfs2 -d /dev/vg1lv05 -m /u10 -A yes 3.Mount the new fileystem ( crfs will create the mount point on own)#mount /<MOUNTPOINT>
4. Change the permission of mount point as requestedex : chown oracle:dba /MOUNTPOINT
5.verifies the mount and the size of the new filesystem #df /<MOUNTPOINT>
Create Oracle ASM LV: Note : Oracle Automatic Storage Management(ASM)-volume groups are managed by Database team and they use RAW LV for storing data. This is not mounted in UNIX and df-k won't show as mounted.UNIX team need to create raw lvol and change the ownership to database user and group.
Note: DBA may ask single lvol or bunch of space (200GB or 500GB) for ASM volume group. You need to check the existing ASM oracle raw lvol size and split the requested size equally as the ASM LV should be in equal size. For example if the requested size is 200GB and existing lvol is 20GB, then we need to create another 10* 20GB lvols and change the ownership to oracle:group. 1. Check if the VG is having free space to create LV, if not raise case with storage for space- Refer KM 10142. Create LV using mklv
mklv -t jfs/jsf2 -y <LV_NAME> <VG_NAME> <# of LP> Where # of LP is derived from PP size of the VG, for example if the request is to create 15GB then LP = 15*1024/PP size of VGNote : For FStype jfs/jfs2, check the existing lv type from lsvg -lNote : The fstype does not matter. The only thing that matters is that all ASM volumes are
the same size. We generally make them the same fstype but it does not matter. Example:-# lsvg Oracle | grep "PP SIZE"VG STATE: active PP SIZE: 256 megabyte(s)
Hence,LP is 20*1024/256 = 80LP
#mklv -t jfs2 -y ora40 Oracle 80
(80*256/1024 = 20GB)
2. Check if the lvol is created# lsvg -l Oracle
3. Change the ownership of the lvol(check the dba user, it may differ from one system to other and remember to change ownership of b & c devices)
#chown oracle:dba /dev/ora40#chown oracle:dba /dev/rora40
4. List the deivce to confirm the ownership
# ls -ld /dev/*ora40*
Create VG : Volume Groups are of 3 types,i. Normal – 32 pv’sii. Big – 128 pv’siii.Scalable – 1024 pv’s.Create a New volume group:#mkvg -y <name_of_volume_group> -s <partition_size> <list_of_hard_disks>eg.#mkvg –y norvg hdisk3 hdisk4Explanation:Here this Normal volume group is created ,which has the Max.PV’s up to 32PV .And physical partition size (-s flag not used) it takes default size as per HDD size.
Additional Info :
1.How to check WWN number?
Example:
$ lsdev -Cc adapterent0 Available 05-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)ent1 Available 05-09 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)ent2 Available 09-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)ent3 Available 09-09 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)ent4 Available 0B-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)ent5 Available 0B-09 2-Port 10/100/1000 Base-TX PCI-X Adapter
(14108902)ent6 Available EtherChannel / IEEE 802.3ad Link Aggregationent7 Available VLANent8 Available VLANent9 Available VLANent10 Available VLANfcs0 Available 00-08 FC Adapterfcs1 Available 00-09 FC Adapterfcs2 Available 06-08 FC Adapterfcs3 Available 06-09 FC Adapterfcs4 Available 07-08 FC Adapterfcs5 Available 07-09 FC Adapterfcs6 Available 0A-08 FC Adapterfcs7 Available 0A-09 FC Adapteride0 Available 03-08 ATA/IDE Controller Devicesisscsia0 Available 04-08 PCI-X Dual Channel Ultra320 SCSI Adapterusbhc0 Available 08-08 USB Host Controller (33103500)usbhc1 Available 08-09 USB Host Controller (33103500)usbhc2 Available 08-0a USB Enhanced Host Controller (3310e000)vsa0 Available LPAR Virtual Serial Adapter
/usr/local/bin/sudo lscfg -vpl <adapter>
$ /usr/local/bin/sudo lscfg -vpl fcs0
fcs0 U787F.001.DPM440X-P1-C4-T1 FC Adapter
Part Number.................10N8620 Serial Number...............1B7450579B Manufacturer................001B EC Level....................A Customer Card ID Number.....5759 FRU Number.................. 10N8620 Device Specific.(ZM)........3 Network Address.............10000000C96EBCDE - WWN Number