IBM Support

IV66113: RESTRICTING ROOT USER TO HAVE ONLY LOCAL GROUPS FOR ADMGROUPS APPLIES TO AIX 6100-09

A fix is available

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Root user can be assigned LDAP groups to its admgroups and
    sugroups when domainlessgroups feature is enabled.
    

Local fix

Problem summary

  • Root user can be assigned LDAP groups to its admgroups and
    sugroups when domainlessgroups feature is enabled.
    

Problem conclusion

  • Via API even without domainlessgroups feature, one can upload
    any group name for admgroups and sugroups. So the fix is
    provided in the user space commands to prevent adding ldap
    groups to root user's account as admgroups or sugroups. This
    will main the API behaviour as is.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV66113

  • Reported component name

    AIX 610 STD EDI

  • Reported component ID

    5765G6200

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2014-10-20

  • Closed date

    2014-10-20

  • Last modified date

    2015-12-31

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    IV66114 IV66207

Fix information

  • Fixed component name

    AIX 610 STD EDI

  • Fixed component ID

    5765G6200

Applicable component levels

  • R610 PSY U861370

       UP15/11/22 I 1000

PTF to Fileset Mapping



Document information

More support for: AIX Standard Edition

Software version: 610

Operating system(s): AIX

Reference #: IV66113

Modified date: 31 December 2015