DELL EMC support dials into Isilon using a non-root account that is specific to the cluster only. You don't have to do anything. The commands they can use is very limited.
I have been asked for root credentials on our Isilon by ESRS support staff. We had them perform an upgrade recently and they needed root.
I have asked a number of EMC representatives about the proper configuration of the 'sudoers file', as I had hoped to make Dell/EMC/ESRS an account which they could keep on our corporate file and 'sudo' to root if required (also for our staff here). So far I have not been given instructions on how this can be setup, or if there is a better way.
Why no equivalent to root? What about sudo? Why do I have to hand the keys to the kingdom to "some person on the phone"? Is giving up my root password for my protection, because it doesn't feel like it. Root? Could there not be a built-in 'EMCesrs" account with the necessary credentials? Who is building this OS? Is the onus on me to protect my employer or does EMC have a more efficient way for their staff to perform their duties, paid for by the customer, without putting their customers environment in jeopardy? Asking for a root password over the phone, what is this, the 90s? I am 100% sure EMC has a better way, or can come up with one in short order.
PS: They always try the default and I'm told *most* customers 'just use the default'. LOL yup, the 90s.
Phil.Lam
3 Apprentice
•
635 Posts
0
October 2nd, 2017 10:00
StuartKendrick
DELL EMC support dials into Isilon using a non-root account that is specific to the cluster only. You don't have to do anything. The commands they can use is very limited.
Phil
MrSuzi
6 Posts
0
October 2nd, 2017 10:00
I have been asked for root credentials on our Isilon by ESRS support staff. We had them perform an upgrade recently and they needed root.
I have asked a number of EMC representatives about the proper configuration of the 'sudoers file', as I had hoped to make Dell/EMC/ESRS an account which they could keep on our corporate file and 'sudo' to root if required (also for our staff here). So far I have not been given instructions on how this can be setup, or if there is a better way.
Phil.Lam
3 Apprentice
•
635 Posts
0
October 3rd, 2017 16:00
MikeSusylinski
There is no user equivalent to root. So for you protection, they have to engage you for root access.
Phil
MrSuzi
6 Posts
0
October 4th, 2017 07:00
Why no equivalent to root? What about sudo? Why do I have to hand the keys to the kingdom to "some person on the phone"? Is giving up my root password for my protection, because it doesn't feel like it. Root? Could there not be a built-in 'EMCesrs" account with the necessary credentials? Who is building this OS? Is the onus on me to protect my employer or does EMC have a more efficient way for their staff to perform their duties, paid for by the customer, without putting their customers environment in jeopardy? Asking for a root password over the phone, what is this, the 90s? I am 100% sure EMC has a better way, or can come up with one in short order.
PS: They always try the default and I'm told *most* customers 'just use the default'. LOL yup, the 90s.
MrSuzi
6 Posts
0
October 4th, 2017 09:00
Community for the win!
Thank you!
Phil.Lam
3 Apprentice
•
635 Posts
1
October 4th, 2017 09:00
MikeSusylinski
Have you seen this KB 462749? DELL EMC dials in using the File remotesupport account.
# isi auth users list --provider=file
Name
-------------
root
admin
compadmin
ftp
www
nobody
insightiq
remotesupport
-------------
Total: 8
#
462749 : How to provide limited access with sudo in OneFS 6.5 and later
https://support.emc.com/kb/462749