My customer has a requirement to limit the number of concurrent logins to 1. Currently, my login-script identifies if there are multiple users logged in with the same user name and logs a syslog event but does not take any action. This meets part of the requirement. The second part is to take some action (my customer wants options so I need to script and test several solutions). Of the three possible actions, log out user 1, log out user 2, or log out both (option 4 is log only and that currently works), all are similar except in the tty and/or from address. Because logging out all users is the easiest, I started there.
For a full admin, adding:
var $RPC = "request system logout user " _ $user _ " all";
var $outputRPC = jcs:invoke( $RPC );
to the portion of code that determines number of currently logged-in users with the same user name works. However, for an audit admin, this does not work because that admin doesn't have permission to run that command. Therefore, I need to run this portion of the script as a privileged user; is that possible?
Richard