The following document contains a description of the user and group requirements that will need to be considered during the configuration and maintenance of users.

USERS AND GROUPS

• All files and directories have one owner and one user group assignment.
• User Groups may contain multiple users.
• Users may be members of multiple groups.

Files and Directories

• Files stored by inode number not by name.
• File and directory permissions are controlled by the User ID number (UID) and the Group ID number (GID), not the user name and group name.
• User name is simply a reference to the UID.
• Group name is simply a reference to the GID.

User Names

• Each user will have an Enterprise wide unique user name assigned to them. As per the AIX MSB.
• The user name structure will be the first letter of the first name, followed by a maximum of the first four letters of the last name, followed by a two digit number which will ensure the user name is unique.

For example:

• jdoe00 - John Doe
• hbear00 - Harry Bear
• mchri00 - Mary Christmas

User ID's

• The UID is generated from a shell script. This shell script exists on all AIX machines in the Data Center. The syntax of the shell script is:

/home/bin/mkuid zzzzz99

• Where zzzzz99 represents the user name for which to calculate a UID.

UID Generator

Uses a base 26 calculation of each letter of the user name to calculate the UID number.


a = 0
b = 1
c = 2
.
.
.
z = 25

Each character position of the user name increases exponent of the base 26 value by one, starting at zero:

      v     w     x     y     z     99
    26^0  26^1  26^2  26^3  26^4  26^5

The numeric value assigned to each letter is then multiplied by 26^n:

  v = 21  ~  21 * 26^0 = 21
  w = 22  ~  22 * 26^1 = 572
  x = 23  ~  23 * 26^2 = 15548
  y = 24  ~  24 * 26^3 = 421824
  z = 25  ~  25 * 26^4 = 11424400

The last two positions of the user name are treated as a literal numeric value and multiplied by 26^5.

99 * 26^5 = 1176255224

The UID is the sum of all these values plus 1100:

             21
  +         572
  +       15548
  +      421824
  +    11424400
  +  1176255224
  -----
     1188118589
  +        1100
  -----
     1188119689

The addition of "1100" is to ensure that no user ID has a value of less than 1100. This is for AIX administration purposes.

Administrative Users

There is be a requirement for administrative users to be created during the course of installing software packages on the AIX systems. The Unix Administration group should to create and maintain the administrative users.

Example Administrative Users:
• ecs
• controlm
• mqm
• informix
• dcoms
• cduser

Groups and GID's

The Unix Administration group should continue to create and maintain the group names and GID's. This a necessary part of performing software installs.

Example Groups:
• ecs
• controlm
• mqm
• informix