Best practices with AIX system users?

UNIX for Advanced & Expert Users
1

All,
Preliminaries:
AIX 5.2
Tivoli Maestro 6.1 (9.2) [?]

 I am auditing an older AIX system. As it stands, I can login remotely to the system using the Maestro application's user account. This is BAD. The administrator claims that he cannot disable the remote login, because it will break the application.

Since I do not know much about AIX, I need to know if:

a.) We can safely disable remote login for maestro (ala root)?
b.) If so, where can I find supporting documentation to prove it to the administrator?

I have not had much luck with google... I get marketing and IBM training links.

Thanks in advance,
Todd

2

disabling remote login for root is a good thing and should be done. It should be done for the application id also if possible. Check the requirements on the software. It's possible it does require it. If it does I would ask the vendor to change it.