Beruflich Dokumente
Kultur Dokumente
Adam Cormany
National Data Center Manager
Scientific Games Corporation
15 Sep 2009
Dive into the configuration files behind users and groups in IBM® AIX®, as well as
command-line tools designed to help manage the users and groups easily.
Administering users and groups in IBM AIX is an essential part of an administrator's
duties. You can manage users and groups in many different ways: You can maintain
them through the AIX System Management Interface Tool (SMIT), manually editing
the configuration files, or by using command-line commands. This article discusses
the configuration files behind users and groups on AIX, as well as command-line
tools designed to help manage the users and groups easily.
Look at the some of the files that affect the user itself:
• /etc/passwd
• /etc/security/.profile
• /etc/security/limits
• /etc/security/passwd
• /etc/security/user
• /usr/lib/security/mkuser.default
Commands in AIX
Keep in mind that the commands and methods in this article should
be used on AIX systems that have local users and groups in their
configuration files. Some of the commands, such as chuser and
chgroup, should not be used if the system is handling users and
groups from a remote source (for example, Network Information
System, or NIS).
/etc/passwd
The file /etc/passwd contains the basics of a user and is probably the best-known file
to UNIX® and Linux® users for user administration. Listing 1 provides an example of
an /etc/passwd file.
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
lpd:!:9:4294967294::/:
lp:*:11:11::/var/spool/lp:/bin/false
invscout:*:6:12::/var/adm/invscout:/usr/bin/ksh
snapp:*:200:13:snapp login user:/usr/sbin/snapp:/usr/sbin/snappd
ipsec:*:201:1::/etc/ipsec:/usr/bin/ksh
nuucp:*:7:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico
pconsole:*:8:0::/var/adm/pconsole:/usr/bin/ksh
esaadmin:*:10:0::/var/esa:/usr/bin/ksh
sshd:*:206:201::/var/empty:/usr/bin/ksh
atc:!:8000:400:Adam Cormany,Sr UNIX Admin:/home/atc:/bin/ksh
amdc:!:8001:401:AMDC:/home/amdc:/bin/ksh
pac:!:8002:400:PAC,Jr UNIX Admin:/home/pac:/bin/ksh
atc2:!:8003:402:ATCv2:/home/atc2:/bin/ksh
As you can see, the file is colon (:) delimited, and each entry contains seven fields
in the following format (with spaces added before and after delimiter to ease
reading):
Linux. In AIX, the second field can contain one of two characters, either !
or *. If the ! is displayed, a password has been set for the user. If no
password has been set, * appears. The passwords themselves are
stored in /etc/security/passwd.
• UID. The User Identifier (UID) is a numeric identifier to a user.
• GID. The Group Identifier (GID) is similar to the UID but is associated with
groups. The GIDs are defined in /etc/group.
• GECOS. The General Electric Comprehensive Operating System
(GECOS) information is stored in the fifth field. The user's name, phone
numbers, and other generic personal information are stored here.
• Home. This is the user's home directory.
• Shell/Command. Typically, the seventh and final field contains the shell
that is started at the user's login. Administrators can also change this field
to execute other commands instead of shells to limit access (for example,
/bin/false).
/etc/security/.profile
The file /etc/security/.profile can really save you some valuable time and ease
frustration. When you create a user using the mkuser command, the script
/usr/lib/security/mkuser.sys is executed. This script creates the user's directory, sets
the correct permissions, and "creates" the user's .profile. The mkuser.sys script
actually copies the /etc/security/.profile file into the user's new home directory.
If you are building a new system, or maybe a new division of 100 people needs
accounts on a system, make sure you make your changes to the /etc/security/.profile
file before creating all the users' accounts. If you create the accounts and then
realize that you need to make a simple change in a variable or modify another
setting, you're going to have to manually make the change to everyone's profile. It
could be scripted out easily, but life would have been much simpler if you would
have just changed the /etc/security/.profile.
PATH=/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:.
export PATH
if [ -s "$MAIL" ] # This is at Shell startup. In normal
then echo "$MAILMSG" # operation, the Shell checks
fi # periodically.
/etc/security/limits
The /etc/security/limits file contains all the ulimits, or users' system resource
limitations. Table 1 defines the fields in the /etc/security/limits file and their use.
What's the difference between soft and hard limits? A soft limit is a value that a user
or application can change on the fly up to the maximum (the hard limit). The hard
limit is just that -- the maximum value a parameter can be set to. If setting the
parameter to a numeric value is too difficult (for example, if a developer has no idea
how much memory his or her program is going to take or the number of files it will
need to open), you can set the parameter to -1, which translates to unlimited.
It isn't imperative that you set individual ulimits for each and every user, however.
The /etc/security/limits file contains a section called default that defines a template
of standard values for each user unless that user has set custom values. If the
default section doesn't exist, IBM kindly set predetermined limits just in case.
* Attribute Value
* ========== ============
* fsize_hard set to fsize
* cpu_hard set to cpu
* core_hard -1
* data_hard -1
* stack_hard 8388608
* rss_hard -1
* nofiles_hard -1
default:
fsize = 4194303
core = 16384
cpu = -1
data = 262144
rss = 65536
stack = 65536
pac:
fsize = 131072
fsize_hard = 262144
core = 262144
Considering that user "pac" is a junior UNIX administrator, his fsize soft value was
reduced from the default section's 4,194,303 to 131,072; however, you were nice
enough to allow the user to increase his value to 262,144, if needed. Also, pac is
notorious for finding ways to break his own programs. As a result, you've increased
his core ulimit to 262,144.
/etc/security/passwd
The /etc/security/passwd file contains the AIX user's password information. The file
contains three fields per user:
• lastupdate. Number of seconds since epoch when the password was last
updated.
• flags. Restrictions to changing the user's password. You can set three
different flags:
• ADMIN. If set, only the root user can change the user's password.
• ADMCHG. If set, the user is prompted to change his or her password
on the next login/su.
• NOCHECK. If set, any additional restrictions in /etc/security/user are
ignored.
Listing 4 provides an example of a /etc/security/password file.
amdc:
password = oBQaUkPkUryCY
lastupdate = 1243972006
flags = ADMCHG
In this example, user "amdc" has a password that was set on Tue. Jun. 2 15:46:46
EDT 2009. The next time the user logs in or sus to amdc, he or she will be prompted
to change the password.
If you're wondering how I converted the seconds from epoch to something a little
more readable, I wrote a Perl script. Here's the gist of that script:
/etc/security/user
Now you're getting into the meat of AIX user administration. The /etc/security/user
file contains the most important settings, outside of the basics in /etc/passwd, for a
user. Table 2 shows some of the parameters.
For a full listing of all parameters, look in your AIX system under /etc/security/user,
or see AIX Information Center. Like /etc/security/limits, a default section sets all
the fields if not specified by the individual account.
/usr/lib/security/mkuser.default
user:
pgrp = staff
groups = staff
shell = /usr/bin/ksh
home = /home/$USER
admin:
pgrp = system
groups = system
shell = /usr/bin/ksh
home = /home/$USER
Many more parameters can be defined in this file. To view the full list, look at man
chuser, or go to IBM Systems Information Center.
mkuser
The first command to know is mkuser. Without mkuser, the rest of the commands
are useless. You use this command to create the AIX user and set its initial values.
There are a few simple rules to remember when creating a user:
• Users cannot be named ALL or default, as those names are reserved for
the operating system.
• User names cannot include:
• Colon (:)
• Quotation marks—single or double (' or ")
• Pound or hash symbol (#)
• Comma (,)
• Equal sign (=)
• Slashes—back or forward (\ or /)
• Question mark (?)
• Back quote or tick (`)
• White space (space or tab)
• New-line characters
• User names can only be eight characters or fewer in AIX version 5.2 and
earlier. Starting with AIX version 5.3, IBM increased the maximum
number of characters to 255.
To verify the setting in AIX 5.3 and later, you can extract the value from getconf:
# getconf LOGIN_NAME_MAX
9
or lsattr:
Please note that this change will not go into effect until you have rebooted the
operating system. Once the server has been rebooted, you can verify that the
change has taken effect:
# getconf LOGIN_NAME_MAX
128
Keep in mind, however, that if your environment includes IBM RS/6000® servers
prior to AIX version 5.3 or operating systems that cannot handle user names longer
than eight characters and you rely on NIS or other authentication measures, it would
be wise to continue with the eight-character user names.
To create a user with default settings and allocate the next available UID, simply
execute mkuser plus the user name as the root user:
# mkuser xander
# finger xander
Login name: xander
Directory: /home/xander Shell: /usr/bin/ksh
No Plan.
Easy, isn't it? Try something a bit more personable. By adding some values found in
the chuser man page (man chuser), you can include the user's GECOS
information and change his or her core ulimit to 524,288, as shown in Listing 6.
It's worth mentioning that the GECOS, like any other field in /etc/passwd, should not
include a colon (:) in the value. By trying to add a colon, the fields will be adjusted,
and all expected values would shift to the right. For instance, if the user tried to have
Xander:Cormany in the GECOS field in /etc/passwd, Xander would actually be in the
correct field, while Cormany would be the value of the field to the right (that is, the
home directory). Also, the GECOS field cannot end with !#.
Most administrators do not really use the command line like this, but it is important to
understand what utilities like SMIT (man smit or man smitty) are doing behind
the scenes. If you would rather continue through SMIT, the process is simple. Here's
an example of creating the same user with the same attributes through SMIT. By
entering SMIT directly into the user creation screen, you go in using the fastpath
mkuser:
# smitty mkuser
When you are finished filling out the user name, GECOS field, and core ulimit,
click Enter to create the user. When SMIT returns that the command finished
successfully, click F10 or Esc + 0 to exit the program. You can verify the user using
# finger xander
Login name: xander In real life: Xander Cormany
Site Info: 317.555.1234
Directory: /home/xander Shell: /usr/bin/ksh
No Plan.
# su - xander "-c ulimit -a"
time(seconds) unlimited
file(blocks) unlimited
data(kbytes) unlimited
stack(kbytes) 4194304
memory(kbytes) unlimited
coredump(blocks) 524288
nofiles(descriptors) unlimited
threads(per process) unlimited
processes(per user) unlimited
chuser
The hard part is done now. But wait: Xander's manager, Ann, just came by and
informed you that Xander's core ulimit should have been 1,048,576 (someone
forgot to multiply by 2). No problem: Just change the ulimit with chuser.
The chuser command works very much like mkuser in syntax and uses the
identical attributes. Listing 8 provides an example of the chuser command.
As always, IBM has made these commands easily accessible in SMIT using
fastpaths. Logically, smitty chuser takes you directly to the user modification
screen.
chsh
There are times when you want to change your shell. The default shell in AIX is the
Korn shell, or ksh. To change the shell, execute chsh with the user's name, and
then select the desired shell, as shown in Listing 9.
# finger xander
Login name: xander In real life: Xander Cormany
Site Info: 317.555.1234
Directory: /home/xander Shell: /usr/bin/ksh
No Plan.
# chsh xander
Current available shells:
/bin/sh
/bin/bsh
/bin/csh
/bin/ksh
/bin/tsh
/bin/ksh93
/usr/bin/sh
/usr/bin/bsh
/usr/bin/csh
/usr/bin/ksh
/usr/bin/tsh
/usr/bin/ksh93
/usr/bin/rksh
/usr/bin/rksh93
/usr/sbin/uucp/uucico
/usr/sbin/sliplogin
/usr/sbin/snappd
xander's current login shell:
/usr/bin/ksh
Change (yes) or (no)? > yes
To?>/usr/bin/csh
# finger xander
Login name: xander In real life: Xander Cormany
Site Info: 317.555.1234
Directory: /home/xander Shell: /usr/bin/csh
No Plan.
chfn
The administrator who created Xander's AIX user introduced a typo into his name in
the GECOS information. To correct the mistake, you use the chfn command. This
command works much like chsh, where the command displays the current value,
asks the user whether he or she wants to change it, and then changes the value to
what was entered. Listing 10 provides an example.
# finger xander
Login name: xander In real life: Zander Cormany
Site Info: 317.555.1234
Directory: /home/xander Shell: /usr/bin/ksh
No Plan.
# chfn xander
xander's current gecos:
"Zander Cormany,317.555.1234"
Change (yes) or (no)? > yes
To?>Xander Cormany,317.555.1234
# finger xander
Login name: xander In real life: Xander Cormany
Site Info: 317.555.1234
Directory: /home/xander Shell: /usr/bin/ksh
No Plan.
Correcting the GECOS information may sound trivial, but it is helpful to the other
administrators and users on the system. For example, if you're trying to find
Xander's account but can't remember his user name, you could search for it through
his GECOS information. Searching for his last name, which was correctly entered
into the GECOS field, would quickly show me his user name. The finger command
will search for all instances of the string entered in /etc/passwd's user name and real
name in the first field of the GECOS information:
# finger cormany
Login name: atc In real life: Adam Cormany
Directory: /home/cormany Shell: /bin/ksh
No Plan.
Login name: xander In real life: Xander Cormany
Site Info: 317.555.1234
Directory: /home/xander Shell: /usr/bin/ksh
No Plan.
lsuser
Gathering all the information for a user from the various user files may seem
cumbersome. Fortunately, AIX provides a command to gather the data in one fell
swoop. The lsuser command returns all the attributes used on the user from the
various administration files, which can be very helpful if you are comparing users,
wanting to generate a complete listing of all users for backup purposes, or are
troubleshooting an issue with an individual account.
To view a user's attributes, you can use the -f switch, which displays everything in
a stanza structure. Listing 11 provides an example of this output.
# lsuser -f xander
xander:
id=214
pgrp=staff
groups=staff
home=/home/xander
shell=/usr/bin/ksh
gecos=Xander Cormany,317.555.1234
login=true
su=true
rlogin=true
daemon=true
admin=false
sugroups=ALL
admgroups=
tpath=nosak
ttys=ALL
expires=0
auth1=SYSTEM
auth2=NONE
umask=22
registry=files
SYSTEM=compat
logintimes=
loginretries=0
pwdwarntime=0
account_locked=false
minage=0
maxage=0
maxexpired=-1
minalpha=0
minother=0
mindiff=0
maxrepeats=8
minlen=0
histexpire=0
histsize=0
pwdchecks=
dictionlist=
default_roles=
fsize=-1
cpu=-1
data=-1
stack=-1
core=1048576
rss=-1
nofiles=-1
roles=
If you are comparing users, simply change the switch from -f to -c and add the
users you want to compare as a comma-delimited argument. Listing 12 provides an
example of this output.
# lsuser -c xander,atc
#name:id:pgrp:groups:home:shell:gecos:login:su:rlogin:daemon:admin:
sugroups:tpath:ttys:expires:auth1:auth2:umask:registry:SYSTEM:loginretries:
pwdwarntime:account_locked:minage:maxage:maxexpired:minalpha:minother:
mindiff:maxrepeats:minlen:histexpire:histsize:fsize:cpu:data:stack:core:rss:nofiles
xander:214:staff:staff:/home/xander:/usr/bin/ksh:Xander Cormany,317.555.1234:
true:true:true:true:false:ALL:nosak:ALL:0:SYSTEM:NONE:22:files:compat:0:0:false:
0:0:-1:0:0:0:8:0:0:0:-1:-1:-1:-1:1048576:-1:-1
#name:id:pgrp:groups:home:shell:gecos:login:su:rlogin:daemon:admin:sugroups:
tpath:ttys:expires:auth1:auth2:umask:registry:SYSTEM:loginretries:pwdwarntime:
account_locked:minage:maxage:maxexpired:minalpha:minother:mindiff:maxrepeats:
minlen:histexpire:histsize:fsize:cpu:data:stack:core:rss:nofiles:time_last_login:
time_last_unsuccessful_login:tty_last_login:tty_last_unsuccessful_login:host_last_login:
host_last_unsuccessful_login:unsuccessful_login_count
cormany:215:staff:staff,support:/home/cormany:/bin/ksh:Adam Cormany:true:true:
true:true:false:ALL:nosak:ALL:0:SYSTEM:NONE:22:NIS:compat:0:0:false:0:0:
-1:0:0:0:8:0:0:0:-1:-1:-1:-1:-1:-1:-1:1250854405:1250522447:/dev/pts/3:/dev/pts/13:
10.20.30.40:10.20.30.41:0
That is a lot of information to look at and may be a bit overwhelming in its raw form.
However, if you import this data into a spreadsheet, it will look much cleaner. Having
a delimited format is also helpful when you are using the data in scripts to manage
users.
If you are only looking for a few fields—say, the user's shell and home directory—the
lsuser command can do the work for you with the -a switch. Listing 13 provides an
example of this command using the fields from the chuser man page.
passwd
Many think the passwd command only changes a user's password. Although
passwd does perform this important function, it contains other features, as well.
The passwd command can also change a user's GECOS information like chfn or
his or her shell/command to execute during the login process, like chsh. Listing 15
provides an example.
# passwd -f xander
xander's current gecos:
"Xander Cormany,317.555.1234"
Change (yes) or (no)? > yes
To?>Xander Cormany,317.555.7890
# passwd -s xander
Current available shells:
/bin/sh
/bin/bsh
/bin/csh
/bin/ksh
/bin/tsh
/bin/ksh93
/usr/bin/sh
/usr/bin/bsh
/usr/bin/csh
/usr/bin/ksh
/usr/bin/tsh
/usr/bin/ksh93
/usr/bin/rksh
/usr/bin/rksh93
/usr/sbin/uucp/uucico
/usr/sbin/sliplogin
/usr/sbin/snappd
xander's current login shell:
/usr/bin/ksh
Change (yes) or (no)? > yes
To?>/usr/bin/bsh
# finger xander
Login name: xander In real life: Xander
Cormany
Site Info: 317.555.7890
Directory: /home/xander Shell:
/usr/bin/bsh
No Plan.
pwdadm
The pwdadm command can change passwords in AIX. In addition, pwdadm can
display (excluding encrypted passwords) or update a user's flags in
/etc/security/passwd. Continuing with Xander's account as a guinea pig, First change
his password, and then view his current password attributes. Because his password
was just changed, the ADMCHG flag will be set. Change that flag to ADMIN, and
restrict the account so that only administrators can update the password going
forward. Listing 16 shows the code to perform this task.
# pwdadm xander
Changing password for "xander"
xander's New password:
Enter the new password again:
# pwdadm -q xander
xander:
lastupdate = 1250858719
flags = ADMCHG
# pwdadm -f ADMIN xander
# pwdadm -q xander
xander:
lastupdate = 1250858719
flags = ADMIN
rmuser
The time has come to remove a user from the system; Xander's account must be
deleted. To do so, you need rmuser.
To remove a user, simply execute rmuser with the user's account name as the
argument. Doing so with no switches removes the user from the system, but the
user's password information will be retained in the /etc/security/passwd file:
# rmuser xander
# rmuser –p xander
Note that rmuser does not remove the user's home directory. If a user has
important data in his or her home directory that should be kept, it is up to you to
remove the home directories when you deem it safe.
Groups
You're familiar with a few user modification commands; now, let's talk about groups.
Like user administration, it's important that you know the configuration files behind
the commands that modify them.
/etc/group
The /etc/group file contains the basics of a group. Listing 17 provides an example of
the file /etc/group.
system:!:0:root,pconsole,esaadmin
staff:!:1:ipsec,esaadmin,sshd,xander
bin:!:2:root,bin
sys:!:3:root,bin,sys
adm:!:4:bin,adm
uucp:!:5:uucp,nuucp
mail:!:6:
security:!:7:root
cron:!:8:root
printq:!:9:lp
audit:!:10:root
ecs:!:28:
nobody:!:4294967294:nobody,lpd
perf:!:20:
shutdown:!:21:
lp:!:11:root,lp
invscout:!:12:invscout
snapp:!:13:snapp
ipsec:!:200:
pconsole:!:14:pconsole
sshd:!:201:sshd
As you can see, the file is colon delimited like the /etc/passwd file, and each entry
contains only four fields in the following format (with spaces added before and after
the delimiter to ease reading):
/etc/security/group
For more attributes, read the man page for /etc/security/group (man group), or visit
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.files/doc/aixfiles/
The file is broken down into stanzas like the other configuration files in /etc/security,
with the group name as the identifier. A nice feature of this file is that it allows you to
set administrator rights to a standard user for a group. The administrators of that
group can then modify the group as they see fit by adding members to or removing
members from the group. Listing 18 provides an example of what an
/etc/security/group looks like. In this example, the group jradmin has admin set to
False and standard users pac and xander defined as administrators of the group.
system:
admin = true
staff:
admin = false
bin:
admin = true
sys:
admin = true
jradmin:
admin = false
adms = pac,xander
mkgroup
Creating a group in AIX is simple and straightforward. The same restrictions for
creating a user pertain to creating a group:
To create a group, simply execute the mkgroup command with the group name as
an argument, as shown in Listing 19.
# mkgroup atctest
# grep atctest /etc/group
atctest:!:202:
# grep -p atctest /etc/security/group
atctest:
admin = false
# mkgroup -a atcadmin
# grep atcadmin /etc/group
atcadmin:!:15:
# grep -p atcadmin /etc/security/group
atcadmin:
admin = true
To create a group and add Xander as the administrator of the group, add the adm
Like mkuser, mkgroup follows the same attributes as chgroup. For a full list of the
attributes, read chgroup's man page (man chgroup).
chgroup
The chgroup command works just like chuser, and its man page contains all the
attributes you can change on a group. Listing 22 provides an example of how to
change the group's xangroup GID from 203 to 204. Add a few users to the group,
as well.
chgrpmem
For example, the group xangroup has xander and atc as members and xander as an
administrator of the group. Remove atc from the group, as shown in Listing 23.
# chgrpmem xangroup
xangroup:
members = xander,atc
adms = xander
Suppose there was a mistake and user atc was not supposed to be removed.
Instead, user atc was supposed to become the administrator of the group, while
xander's administrative rights were to be removed. Listing 24 shows the code to
make the correction.
Listing 24. Add a deleted user and change the group administrator
lsgroup
With such a nice command for users as lsuser, shouldn't there be one for groups,
as well? There is: lsgroup. To continue with the standard format of commands and
their options in AIX, lsgroup follows the same structure as lsuser.
Listing 25 provides a few examples using the same switches as in lsuser in Listing
11, Listing 12, and Listing 13.
# lsgroup xangroup
xangroup id=204 admin=false users=xander,cormany adms=cormany registry=files
# lsgroup -f xangroup
xangroup:
id=204
admin=false
users=xander,cormany
adms=cormany
registry=files
# lsgroup -c xangroup,atcadmin
#name:id:admin:users:adms:registry
xangroup:204:false:xander,cormany:cormany:files
#name:id:admin:registry
atcadmin:15:true:files
# lsgroup -c -a id xangroup,atcadmin
#name:id
xangroup:204
#name:id
atcadmin:15
rmgroup
Throughout this article, you've been creating sample groups. Now, it's time to clean
up the AIX system you're using. To remove a group from the system, simply execute
rmgroup with the group's name as the argument:
# rmgroup atctest
The rmgroup command does not allow you to remove the group until you have
moved all users that have the group as their primary group to another group.
Conclusion
After reading this article, you should now have a better understanding of the
configuration files for user and group maintenance in AIX. You should also
understand the command-line tools better and see how easy it really is to create,
modify, and remove users and groups. IBM really has made such maintenance
simple so that you can focus on more complicated issues.
Resources
Learn
• getconf: See IBM's man page for the getconf command.
• /etc/security/limits: See IBM's System Information Center Web page for
/etc/security/limits.
• /etc/security/user: See IBM's System Information Center Web page for
/etc/security/user.
• /usr/lib/security/mkuser.default: See IBM's System Information Center Web
page for /usr/lib/security/mkuser.default.
• chuser: See IBM's System Information Center Web page for the chuser
command.
• /etc/group: See IBM's System Information Center Web page for /etc/group.
• /etc/security/group: See IBM's System Information Center Web page for
/etc/security/group.
• The AIX and UNIX developerWorks zone provides a wealth of information
relating to all aspects of AIX systems administration and expanding your UNIX
skills.
• New to AIX and UNIX? Visit the New to AIX and UNIX page to learn more.
• Browse the technology bookstore for books on this and other technical topics.
Discuss
• Check out developerWorks blogs and get involved in the developerWorks
community.
• Participate in the AIX and UNIX forums:
• AIX Forum
• AIX Forum for developers
• Cluster Systems Management
• IBM Support Assistant Forum
• Performance Tools Forum
• Virtualization Forum
• More AIX and UNIX Forums