Administering other systems with SCOadmin managers

Several SCOadmin managers enable you to manage other SCO OpenServer systems on your network. Two types of administration are supported: remote and distributed.

With remote administration, you can manage one remote system at a time. For example, you can add a printer to another system. To add that printer to additional systems, you need to repeat the procedure, once for each system.

With distributed administration, you can manage multiple systems at one time. For example, you can add a user to multiple systems in one step.

Generally speaking, remote administration entails minimal setup but does require repetitive steps to accomplish a task (such as providing a printer definition to multiple systems). Distributed administration, while requiring additional overhead in configuration, allows you to perform a task (such as distributing a user to multiple networked machines) in one step or procedure.

Remote capabilities

The root user can accomplish the following tasks, through remote administration, by opening another host to manage from the Host menu of a SCOadmin manager:

• all Account Manager tasks

• all Backup Manager tasks

• all Filesystem Manager tasks

• all Printer Manager tasks

• all SNMP Agent Manager tasks

• all Software Manager tasks

• manipulate remote print jobs that show up in the Print Job Manager's queue.

• add a remote filesystem to be backed up by the local system with the Backup Manager.

• export filesystems to remote machines, and mount remote filesystems, with the Filesystem Manager.

Enabling remote manager capabilities

Before using SCOadmin managers to administer remote systems, you must:

• Create user equivalence between your system and the systems to be managed. Grant this equivalence for each user (root and others) who has subsystem authorization for the SCOadmin managers. Do so by using the User Equivalence Manager on each system.

  ---

  CAUTION: Granting user equivalence compromises the security of your system, in that all persons who may access the root account of the remote machine now have access, as root, to your machine. Grant this equivalence sparingly.

  ---

• Grant subsystem authorization (as described in ``Assigning subsystem authorizations'') on each machine to those users who will access the SCOadmin managers. Relevant authorizations are:

  Subsystem authorizations

  Authorization	SCOadmin Manager	User can:
  lp	Printer Manager	administer printers
  backup	Backup Manager	perform backups
  auth	Account Manager	administer accounts: adding users, changing passwords, and so on
  passwd	Account Manager	change user passwords
  sysadmin	Filesystem Manager	mount filesystems

  ---

  CAUTION: The auth subsystem authorization should only be assigned to persons entrusted with account administration. Never assign auth by default because it permits users to make changes to any account, including root.

  ---

Distributed capabilities

You can accomplish the following tasks through distributed administration:

• Creating, removing, retiring, or modifying NIS-distributed users with the Account Manager (NIS must be configured on your network).

• Distributing users' home directories with the Account Manager (NIS and Automounter must be configured on your network).