Reset user's password without root:
We all know to reset the users password in linux using the following command.
Sol: sudo passwd username
But is there any way to allow non-root users to change other user's password. Specifically, is there a way to grant help desk employees the ability to do password resets. The help desk already can reset Windows passwords, which is easy to delegate out.
Sol: Add a group called helpdesk and add all heldesk users to it. Then add the following to sudoers file.
%helpdesk ALL=/usr/bin/passwd
Now they can sudo to change passwords but nothing else.
No comments:
Post a Comment