I have a question about the administrator's permission on a management server installed on a Linux 7.2 platform.
We have CP NG distributed installation. The management server is installed on Linux 7.2. I have two questions. 1. Can we set up the management server so that a non-superuser can run the utilities, such as cpconfig, on the management server? 2. When I run cpconfig, I can set a group permission. The document says: "Normally a VPN/FireWall Module is given group permission for access and execution. You can name such a group or instruct the installation procedure to give no group permissions to the VPN/FireWall Module. In the latter case, only the Super-User will be able to access and execute the VPN/FireWall Module." It looks like setting the group permission will allow the group to run utilities, such as cpconfig, without the root permission. I tried and it did not work. I did the following: a. logon as root and run cpconfig b. set group permission to the "Firewall" group. c. create a user account in the Firewall group. d. logout root and logon as the new user e. try to run cpconfig and it failed. Does the group permission affect anything I do on the management server? _____________________________ Changguan Fan, (480) 554-1284 IT Flex Services, Intel Corp., Chandler, AZ 85226-3699 <mailto:[EMAIL PROTECTED]> ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
