diff --git a/files/sudoers_aes b/files/sudoers_aes
index fd26df8d85be47707e6cd65368cc8d379a3809cb..ed7936c24e0354eaa2bc4a4f58d2e6055117931c 100644
--- a/files/sudoers_aes
+++ b/files/sudoers_aes
@@ -1,2 +1,7 @@
 klaar36 ALL=(ALL) NOPASSWD: ALL
 filst04 ALL=(ALL) NOPASSWD: ALL
+
+User_Alias EXAM_ADMINS = torjo38, klaar36, vikol94, magni54, filst04
+Runas_Alias EXAM_USER = examadm
+
+EXAM_ADMINS ALL=(EXAM_USER) NOPASSWD:NOEXEC: ALL
diff --git a/manifests/aes_sw.pp b/manifests/aes_sw.pp
new file mode 100644
index 0000000000000000000000000000000000000000..9071cb6d6dc249874d93d55d82a0fa87515615f8
--- /dev/null
+++ b/manifests/aes_sw.pp
@@ -0,0 +1,11 @@
+class aes::aes_sw {
+
+  user { "examadm" :
+    ensure => present,
+    managehome => false,
+    membership => inclusive,
+    system => true,
+    shell => '/sbin/nologin',
+  }
+
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index 2273e7aa0032512fd64237b1fb4cd2357d312c1c..058eb02ead0081a4897cd3e3c0e42e3e8d38d652 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,4 +1,6 @@
 class aes {
+  include aes::aes_sw
+  include aes::opendsa
   include aes::squid_filter
   include ::liurepo::centos_sclo_rh
 
@@ -55,11 +57,13 @@ class aes {
     service squid is tcp/3128
     service sclogin is tcp/23431
     service aesms is tcp/23816
+#    service opendsa is tcp/12000
 
     policy chain INPUT is
       accept service:squid from class:liu-nets
       accept service:sclogin from class:liu-nets
       accept service:aesms from class:liu-nets
+#      accept service:opendsa from class:liu-nets
     end policy
     |-EOF
   }