3.sas usermanagement
DESCRIPTION
administrasi serverTRANSCRIPT
![Page 1: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/1.jpg)
Administrasi ServerUser Management
![Page 2: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/2.jpg)
Issues
• Untuk memecahkan beberapa masalah
• Accounting : mendaftar user, dan mendelete user Kenyamanan
Support
Masalah ethical
Manajemen kepercayaan dan keamanan
![Page 3: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/3.jpg)
User Registration
• Small organizations
- Simple ? How?
- Admin tinggal mendaftarkan user ke sebuah server terpusat, dan mengijinkan user tersebut untuk terhubung dengan host lain dengan berbagai mekanisme sharing ( login, copy data dsb )
• Large organizations
- Complex ? Why ?
- Pendaftaran server secara terpusat terkadang konflik denganpendelegasian tanggung jawab.
- Tiap departemen mampu membuat user sendiri
![Page 4: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/4.jpg)
User Account
• Daftar pengguna /etc/passwd
![Page 5: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/5.jpg)
File /etc/passwd
• Nama login
• Password terenkripsi
• UID (user ID)
• Group ID (GID)
• Informasi nama, telepon, alamat, “GECOS”
• Home direktory
• Login shell
![Page 6: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/6.jpg)
Add/Remove User
• Menambah user:
useradd –m [user]
adduser [user]
• Menghapus user:
userdel [user]
userdel –r [user]
![Page 7: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/7.jpg)
GECOS
• General Electric Comprehensive Operating System
• Informasi personal tentang user
• Nama lengkap, nomor kantor, nomor telepon kantor, nomor telepon rumah
![Page 8: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/8.jpg)
User Configuration File
• User pertama kali dibuat pada /home/user, ada beberapa file konfigurasi:
.bashrc
.bash_profile atau .profile
.bash_history
![Page 9: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/9.jpg)
File /etc/shadow
• Daftar password user
- Nama login
- Password terenkripsi
- Tanggal password terakhir dimodifikasi
- Minimum jumlah hari antara pergantian password (sejak 1 Jan 1970)
- Maksimum jumlah hari antara pergantian password
- Peringatan jumlah hari sebelum password berakhir
- Inactive
- Expire
![Page 10: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/10.jpg)
File /etc/shadow (cont.)
• Algoritma Enkripsi Password:
- $1$: MD5
- $2a$: Blowfish
- $2y$: Blowfish, correct handling 8 bit
- $5$: SHA-256
- $6$: SHA-512
• Perintah chage –l [user] untuk melihat properties password
• Perintah passwd [user] untuk mengubah password
![Page 11: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/11.jpg)
UID, GID
• UID (User ID) dan GID (Group ID)
• Root UID dan GID 0, user selain mesin > 500 (Red-Hat), > 1000 (Ubuntu)
• Range UID dan GID: 0 sampai 65535
• Daftar GID ada di /etc/group
• Control range /etc/login.defs
![Page 12: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/12.jpg)
File /etc/group
• Nama group
• Informasi password yang dienkripsi
• Nomor GID
• List dari anggota group
![Page 13: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/13.jpg)
Add/Remove Group
• Menambah grup:
groupadd [group]
useradd –G [group] [user]
• Menghapus grup:
groupdel [group]
• Modifikasi grup:
usermod –a –G [group] [user]
• Cek user di group:
groups [user]
![Page 14: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/14.jpg)
Shell
• Lingkungan dari OS untuk interaksi dengan user
• Macam-macam shell:
- korn shell (ksh)
- c shell (csh)
- bourne shell (sh)
- bourne again shell (bash)
![Page 15: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/15.jpg)
Permission
• Hak akses ada 3 bagian: user, group, other
• Hak akses diterjemahkan 3 huruf r (read), w (write), dan x (execute).
r = bagian pertama jika berisi bernilai 4
w = bagian kedua jika berisi bernilai 2
x = bagian ketiga jika berisi bernilai 1
• Contoh:
rwx rwx rwx = 111 111 111 = 777
chmod [angka_akses] [file/direktori]
![Page 16: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/16.jpg)
Ownership
• Untuk mengganti kepemilikan user direktori atau file:
chown [pemilik_baru] [nama_direktori/file]
• Untuk mengganti kepemilikan grup dari direktori atau file:
chgrp [grup_pengganti] [nama_direktori/file]
![Page 17: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/17.jpg)
Support policy
• Training users.
• Helping users.
• Documenting and providing the answers to frequently asked questions.
![Page 18: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/18.jpg)
Checklist
• Read the user request properly.
• Do you understand the request?
• Is the request in line with policy?
• Are you competent to deal with the request?
• Schedule the request (rapid response mitigates frustration).
![Page 19: 3.SAS UserManagement](https://reader034.vdocuments.pub/reader034/viewer/2022042516/563db885550346aa9a947024/html5/thumbnails/19.jpg)
Limoncelli’s model of user assistance