Where User Account and Group Information Is Stored

Depending on your site policy, user account and group information can be stored in your local system's /etc files or in a name or directory service as follows:

The NIS+ name service information is stored in tables.
The NIS name service information is stored in maps.
The LDAP directory service information is stored in indexed database files.

Note - To avoid confusion, the location of the user account and group information is generically referred to as a file rather than as a database, table, or map.

Most user account information is stored in the passwd file. Password information is stored as follows:

In the passwd file when you are using NIS or NIS+
In the /etc/shadow file when you are using /etc files
In the people container when you are using LDAP

Password aging is available when you are using NIS+ or LDAP, but not NIS.

Group information is stored in the group file for NIS, NIS+ and files. For LDAP, group information is stored in the group container.

Fields in the `passwd` File

The fields in the passwd file are separated by colons and contain the following information:

username:password:uid:gid:comment:home-directory:login-shell

For example:

kryten:x:101:100:Kryten Series 4000 Mechanoid:/export/home/kryten:/bin/csh

For a complete description of the fields in the passwd file, see the passwd(1) man page.

Default `passwd` File

The default Solaris passwd file contains entries for standard daemons. Daemons are processes that are usually started at boot time to perform some system-wide task, such as printing, network administration, or port monitoring.

root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/:
webservd:x:80:80:WebServer Reserved UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:

Table 4-5 Default `passwd` File Entries

User Name	User ID	Description
`root`	`0`	Superuser account
`daemon`	`1`	Umbrella system daemon associated with routine system tasks
`bin`	`2`	Administrative daemon associated with running system binaries to perform some routine system task
`sys`	`3`	Administrative daemon associated with system logging or updating files in temporary directories
`adm`	`4`	Administrative daemon associated with system logging
`lp`	`71`	Line printer daemon
`uucp`	`5`	Daemon associated with `uucp` functions
`nuucp`	`6`	Another daemon associated with `uucp` functions
`smmsp`	`25`	Sendmail message submission program daemon
`webservd`	`80`	Account reserved for WebServer access
`gdm`	50	GNOME Display Manager daemon
`listen`	`37`	Network listener daemon
`nobody`	`60001`	Account reserved for anonymous NFS access.
`noaccess`	`60002`	Assigned to a user or a process that needs access to a system through some application but without actually logging in.
`nobody4`	`65534`	SunOS 4.0 or 4.1 version of the `nobody` user account

Fields in the `shadow` File

The fields in the shadow file are separated by colons and contain the following information:

username:password:lastchg:min:max:warn:inactive:expire

For example:

rimmer:86Kg/MNT/dGu.:8882:0::5:20:8978

For a complete description of the fields in the shadow file, see the shadow(4) and crypt(1) man pages.

Fields in the `group` File

The fields in the group file are separated by colons and contain the following information:

group-name:group-password:gid:user-list

For example:

bin::2:root,bin,daemon

For a complete description of the fields in the group file, see the group(4) man page.

Default `group` File

The default Solaris group file contains the following system groups that support some system-wide task, such as printing, network administration, or electronic mail. Many of these groups having corresponding entries in the passwd file.

root::0:
other::1:
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
mail::6:root
tty::7:root,adm
lp::8:root,adm
nuucp::9:root
staff::10:
daemon::12:root
smmsp::25:
sysadmin::14:
gdm::50:
webservd::80:
nobody::60001:
noaccess::60002:
nogroup::65534:

Table 4-6 Default `group` File Entries

Group Name	Group ID	Description
`root`	`0`	Superuser group
`other`	`1`	Optional group
`bin`	`2`	Administrative group associated with running system binaries
`sys`	`3`	Administrative group associated with system logging or temporary directories
`adm`	`4`	Administrative group associated with system logging
`uucp`	`5`	Group associated with `uucp` functions
`mail`	`6`	Electronic mail group
`tty`	`7`	Group associated with tty devices
`lp`	`8`	Line printer group
`nuucp`	`9`	Group associated with `uucp` functions
`staff`	`10`	General administrative group.
`daemon`	`12`	Group associated with routine system tasks
`sysadmin`	`14`	Administrative group associated with legacy Admintool and Solstice AdminSuite tools
`smmsp`	25	Daemon for Sendmail message submission program
`webservd`	`80`	Group reserved for WebServer access
`gdm`	50	Group reserved for the GNOME Display Manager daemon
`nobody`	`60001`	Group assigned for anonymous NFS access
`noaccess`	`60002`	Group assigned to a user or a process that needs access to a system through some application but without actually logging in
`nogroup`	`65534`	Group assigned to a user who is not a member of a known group