Default system special user accounts - locked

[bvgsy]

Can anyone please tell me if locking the default system accounts will cause a running system to hung, crash etc?

The accounts are:

adm
sys
bin
daemon

Also, once these accounts are locked, if I need to do any system-specific activity like mksysb, OS restore, etc, will I still be able to do it?

Any suggestion are appreciated.

Thanks
bvgsy

 

[lillracksingen]

How would you lock these accounts? At our site we have the standard practice of "disabling" the same accounts (and including some more). This we do with the command:

[tt]# chuser login=false rlogin=false ttys=ALL,!RSH,!REXEC shell=/bin/false username[/tt].

We also list the users in /etc/ftpusers.

 

[albertosep]

If you lock the user accounts the system works fine, we have locked all default system account. We have tested this on aix 4.3.3 5.1 5.2 . The property that we have set to unlock an account is "account_disabled=true". If you want you can set "login=false" "rlogin=false" but it doesn´t matter, setting "account_disabled=true" is sufficient.

 

[bvgsy]

Thanks for the replies...

We use the command chuser -a account_locked=true foo to lock accounts that we don't normally use or for expired accounts.

I'm glad to know we can safely lock these default accounts...

Thanks!
bvgsy