Edit: Some links no longer work.
Originally posted May 13, 2014 on AIXchange
Recently, an AIX mailing list member was asking about limiting concurrent logins to a machine:
Is there a setting in AIX that will allow the number of times a user can login? The scenario is thus:
John logs in, uses one app license.
John logs in from a second terminal and uses a second license.
John logs in again from a third terminal and uses a third license.
And so on.
We have multiple users doing this and we are maxing out our application licenses, looking for a way to stop it. The logins are ssh based via a proprietary application. Their .profile funnels them into a limited menu where they can only do certain things.
Discussion followed and some good suggestions emerged. Since this issue is something that may come up for some of you, I thought I’d lay out the solution here. First, a mailing list commenter recommended this blog post:
How to restrict users to a single login to a system at any one given time.
Question: The ability to set up user accounts so that users can only be logged onto a system only once at any given time (no concurrent access) does not exist on AIX.
Cause: This is a not a defect, but just the way AIX is designed. Sun Solaris has the same limitation.
Answer: The answer is to create a method that will check to see if a user is already logged in. Here is an example of one possible solution:”
The blog author then described creating a script and making a few modifications to the system to enable the desired behavior.
Another commenter recommended the setting, chuser maxulogs=2 user_name, noting that this limits users to two login sessions. He adds that details can be found by doing a man page lookup on chuser.
I prefer this latter option for its simplicity, but either solution is worth considering if you’re faced with this dilemma.
How many of you saw the original exchange on the mailing list? Do any of you have another way to address this problem?