Configuring a Captive Logon Account

I have 5 Windows XP PCs that are connecting to a Solaris 10 OS host from a telnet session using a telnet client.

Here is the meaning of the phrase CAPTIVE ACCOUNTS...

It is acceptable in certain cases to have restricted accounts with known or null passwords; these accounts are often known as "captive accounts" - typically for these accounts the usual login shell is replaced with a program from which it is not possible to "escape" and do anything unintended to the system.

Now, I have this program called POWERHOUSE FROM COGNOS
http://www.cognos.com/products/powerhouse/index.html

I want to create CUSTOMER ORDER PROCESSING SYSTEM type MENU SCREEN were users can select what orders to be processed and such...

Is there a website thatcan teach me this type of CAPTIVE ACCOUNTS process or programing using the KORN SHELL??

I need documents over the web that can explain this in much more detail using the Solaris 10 OS.

Or...hopefully, someone here can post an example of a KSH (KORN SHELL) script that can tell Solaris to go to this specific application right after a user logs on from the standard UNIX command shell...That would be great...

rksh (restricted ksh) seems to be what you are looking for.

Ok, thanks.

But is there document which explains this in more detail? Or can you please post an example script or something?

It's quite simple.

Set rksh as the user's shell (passwd -e username) then enter /bin/rksh

Edit the user's .profile to only run the intended menu then exit.

Chmod the .profile read-only.

thanks alot.

I need to really read upon this and learn this in more detail, so is there like a website or a PDF manual which explains these restrictive accounts which I need?

ksh/rksh manual page describe the differences.

I saw an example of what I really want to do here to give you a concept here below: So AFTER when a user logs on I want them to see this screen here.

User Selection Menu for USER XXXXX

ddsusr_menu.ksh/003

1 - ORDER PROCESSING - (mcop01.ksh)
2 - TABLES MAINTENANCE - (mfil01.ksh)
3 - FINANCIAL/INVOICING - (minv01.ksh)

Did you try to write a small script showing this menu as a starting point ?

I see also a minor problem, there is no menu entry to allow the users to log out.

OK, heres what I want to do after my users are logged on is to drop this screen without going to the standard UNIX command shells...


<img src="http://static.imgfly.com/2007/04/08/2684/sample1.jpg"

OK, here is what I to do n=below after my users had logged on and then I w want this rogram to drop in as sson as they logged on. So please see here Below:

SunOS 5.8

Unauthorized access to this United States Government Computer System and
software is prohibited by Public Law 99-474, Title 18, United States Code.
Public Law 99-474 and Chapter XXI, Section 1030 states that: Whoever
knowingly, or intentionally accesses a computer without authorization or
exceeds authorized access, and by means of such conduct, obtains, alters,
damages, destroys, or discloses information or prevents authorized use of
(data or a computer owned by or operated for) the Government of the United
States shall be punished by a fine under this title or imprisonment for
not more than 10 years, or both.

All activities on this system and network may be monitored, intercepted,
recorded, read, copied, or captured in any manner and disclosed in any
manner, by authorized personnel. THERE IS NO RIGHT TO PRIVACY IN THIS
SYSTEM. System personnel may give to law enforcement officials any
potential evidence of crime found on USDA computer systems. USE OF THIS
SYSTEM BY ANY USER, AUTHORIZED OR UNAUTHORIZED, CONSTITUTES CONSENT TO
THIS MONITORING, INTERCEPTION, RECORDING, READING, COPYING OR CAPTURING
AND DISCLOSURE. REPORT UNAUTHORIZED USE TO AN INFORMATION SYSTEMS
SECURITY OFFICER.

login:

AND THEN I WANT THEM TO ONLY SEE OR ACESS THIS APPLICATION...HOA CAN I DO THIS?

http://imgfly.com/group/2690/
http://imgfly.com/group/2691/

How can I dot his under Solaris that i dont users to sccess the command line?

Please show my on how to create one please.

Please pay attention to my previous remark, and please answer my previous question too.

If you are unable to write a small shell script, then I doubt you'll find someone willing to do it for free, especially as this is clearly not in the scope of an open-source community project.

I suggest you to start learning how to do it (eg: http://www.tldp.org/LDP/abs/html/testbranch.html#EX30 ) or hire someone with this skill.

Ok.....

Pictures are worth a tons of worth.... Please see the link to see what my project I want to do. I have compiled this example on what I my goal is tho do here. Nad please explain what script goes onto that file or directory in order to accomplis this in Solaris...PLEASE SEE THIS LINK...

http://imgfly.com/group/2717/


How can I configure this were users will not be able to access thr UNIX command line using the .KSH???

I want users to logon and then have that application drop down and they can work with it from there witout accessing the UNIX command shell.

Thanks...Please see link.

Again, please start learning how to write a shell script then came back for help, or hire someone to help you.

Don't expect people to work for free for something that has nothing to do with the Open Source community.

I will try to bring a few samples pictures on I mean.

I'm afraid you are still misunderstanding the issue.

You are unlikely to find free help if you do not show any willingness to learn how to do it yourself.