To demonstrate, in this article the functional user id on the target system is called 'funcacct'.
1. Create the functional account (funcacct) and set its password.
2. Log in to the Linux/Unix system and use visudo to edit the /etc/sudoers. Add the below lines for the variant of Linux/Unix:
# AIX systems
Defaults:funcacct !requiretty
funcacct ALL=(root) NOPASSWD: /bin/sed
funcacct ALL=(root) NOPASSWD: /usr/bin/passwd
funcacct ALL=(root) NOPASSWD: /usr/bin/pwdadm
# HP-UX systems
Defaults:funcacct !requiretty
funcacct ALL=(root) NOPASSWD: /bin/grep
funcacct ALL=(root) NOPASSWD: /usr/bin/passwd
funcacct ALL=(root) NOPASSWD: /usr/lbin/modprpw
funcacct ALL=(root) NOPASSWD: /bin/sed # Only required for Account Discovery
# Linux and other Unix systems
Defaults:funcacct !requiretty
funcacct ALL=(root) NOPASSWD: /bin/grep
funcacct ALL=(root) NOPASSWD: /usr/bin/passwd
funcacct ALL=(root) NOPASSWD: /bin/sed # Only required for Account Discovery
3. Log into TPAM and go to the *nux system that are configured to be managed by the functional account (funcacct) created.
On the system’s Details tab in the "Delegation Prefix" enter the full path and location of sudo.
E.g.:
/usr/bin/sudo
5. Click “Save Changes”, then click “Test System” and a successful message should appear.