5 Replies Latest reply on Jun 12, 2012 11:41 AM by Mike Jones

    Best way to give restricted NSH access to a server

    Mike Jones

      I would like to enable restricted nsh access to a server from another role.


      Ideally this role would not be able to see the server in the BladeLogic console and would only be able to copy files to and from a set directory with nsh to another server the restrictedrole has full access to.


      I know that the following will work by add this to the users.local


      restrictedrole:*     rw,map=localuser,commands=nexec


      This will allow me to run an nsh script job as restrictedrole which uses ncp.


      However I would like to restrict folder that this role can access but changing the entry to


      restrictedrole:*     rw,rootdir=/transferfolder,map=localuser,commands=nexec


      results in a "login not allowed for user" error


      Is it possible to do this using nsh permissions and even restrict command to ncp only