HP OpenVMS System Management Utilities Reference Manual
Uppercase and lowercase characters are equivalent. All lowercase
characters are converted to uppercase before the password is encrypted.
Avoid using the word password as the actual password.
Use the /PASSWORD qualifier as follows:
- To set only the first password and clear the second, specify
/PASSWORD=password.
- To set both the first and second password, specify
/PASSWORD=(password1, password2).
- To change the first password without affecting the second, specify
/PASSWORD=(password, "").
- To change the second password without affecting the first, specify
/PASSWORD=("", password).
- To set both passwords to null, specify /NOPASSWORD.
When you modify a password, the new password expires automatically; it
is valid only once (unless you specify /NOPWDEXPIRED). On login, the
user is forced to change the password (unless you specify
/FLAGS=DISFORCE_PWD_CHANGE).
Note that the /GENERATE_PASSWORD and /PASSWORD qualifiers are mutually
exclusive.
/PBYTLM
This flag is reserved for HP.
/PGFLQUOTA=value
Specifies the paging file limit. This is the maximum number of pages
that the person's process can use in the system paging file. By
default, the value is 256,000 pagelets on Alpha and Integrity server
systems.
If decompressing libraries, make sure to set PGFLQUOTA to twice the
size of the library.
/PRCLM=value
Specifies the subprocess creation limit. This is the maximum number of
subprocesses that can exist at one time for the specified user's
process. By default, the value is 8 on Alpha and Integrity server
systems.
/PRIMEDAYS=([NO]day[,...])
Defines the primary and secondary days of the week for logging in.
Specify the days as a list separated by commas, and enclose the list in
parentheses. To specify a secondary day, prefix the day with NO (for
example, NOFRIDAY). To specify a primary day, omit the NO prefix.
By default, primary days are Monday through Friday and secondary days
are Saturday and Sunday. If you omit a day from the list, AUTHORIZE
uses the default value. (For example, if you omit Monday from the list,
AUTHORIZE defines Monday as a primary day.)
Use the primary and secondary day definitions in conjunction with such
qualifiers as /ACCESS, /INTERACTIVE, and /BATCH.
/PRIORITY=value
Specifies the default base priority. The value is an integer in the
range of 0 to 63 on Alpha and Integrity server systems. By default, the
value is set to 4 for timesharing users.
/PRIVILEGES=([NO]privname[,...])
Specifies which privileges the user is authorized to hold, although
these privileges are not necessarily enabled at login. (The
/DEFPRIVILEGES qualifier determines which ones are enabled.) A NO
prefix removes the privilege from the user. The keyword NOALL disables
all user privileges. Many privileges have varying degrees of power and
potential system impact (see the HP OpenVMS Guide to System Security for a detailed
discussion). By default, a user holds TMPMBX and NETMBX privileges.
Privname is the name of the privilege.
/PWDEXPIRED (default)
/NOPWDEXPIRED
Specifies that the password is valid for only one login. A user must change
a password immediately after login or be locked out of the system. The
system warns users of password expiration. A user can either specify a
new password, with the DCL command SET PASSWORD, or wait until
expiration and be forced to change. By default, a user must change a
password when first logging in to an account. The default is applied to
the account only when the password is being modified.
/PWDLIFETIME=time (default)
/NOPWDLIFETIME
Specifies the length of time a password is valid. Specify a delta time
value in the form [dddd-] [hh:mm:ss.cc]. For example, for a lifetime of
120 days, 0 hours, and 0 seconds, specify /PWDLIFETIME="120-". For a
lifetime of 120 days, 12 hours, 30 minutes, and 30 seconds, specify
/PWDLIFETIME="120-12:30:30". If a period longer than the specified time
elapses before the user logs in, the system displays a warning message.
The password is marked as expired.
To prevent a password from expiring, specify the time as NONE. By
default, a password expires in 90 days.
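The /PWDLIFETIME delta-time form described above can be parsed and checked mechanically when reviewing account settings. The following is an added example, not code from the manual or from HP; the function names and the sample account records are constructed for illustration, and the parser assumes that an empty field between punctuation marks counts as zero.

```python
import re
from datetime import datetime, timedelta

# [dddd-][hh[:mm[:ss[.cc]]]]; an empty field between punctuation counts as 0
# (assumption of this example).
DELTA_RE = re.compile(
    r"(?:(\d{1,4})-)?(?:(\d*)(?::(\d*)(?::(\d*)(?:\.(\d{2}))?)?)?)?"
)


def parse_pwdlifetime(text):
    """Return the lifetime as a timedelta, or None when the value is NONE."""
    value = text.strip().strip('"').upper()
    if value == "NONE":
        return None                      # password never expires
    match = DELTA_RE.fullmatch(value)
    if not value or not match:
        raise ValueError(f"not a delta time: {text!r}")
    days, hours, minutes, seconds, hundredths = (
        int(field) if field else 0 for field in match.groups()
    )
    if hours > 23 or minutes > 59 or seconds > 59:
        raise ValueError(f"time field out of range: {text!r}")
    return timedelta(days=days, hours=hours, minutes=minutes,
                     seconds=seconds, milliseconds=hundredths * 10)


# Constructed sample records, not taken from a real SYSUAF:
# (user name, /PWDLIFETIME value, time of last password change)
SAMPLE_ACCOUNTS = [
    ("ALPHA", "90-", datetime(2024, 1, 1)),
    ("BRAVO", "NONE", datetime(2020, 6, 1)),
    ("CHARLIE", "120-12:30:30", datetime(2024, 3, 1)),
]


def audit_lifetimes(accounts, now):
    """List accounts whose password never expires or has outlived its lifetime."""
    findings = []
    for user, lifetime_text, changed in accounts:
        lifetime = parse_pwdlifetime(lifetime_text)
        if lifetime is None:
            findings.append((user, "never expires"))
        elif now - changed > lifetime:
            findings.append((user, "expired"))
    return findings


if __name__ == "__main__":
    for finding in audit_lifetimes(SAMPLE_ACCOUNTS, datetime(2024, 5, 1)):
        print(finding)
```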
/PWDMINIMUM=value
Specifies the minimum password length in characters. Note that this
value is enforced only by the DCL command SET PASSWORD. It does not
prevent you from entering a password shorter than the minimum length
when you use AUTHORIZE to create or modify an account. By default, a
password must have at least 6 characters. If the value specified by the
/PWDMINIMUM qualifier conflicts with the value used by the
/GENERATE_PASSWORD qualifier or the DCL command SET PASSWORD/GENERATE,
the operating system chooses the lesser value. The maximum value for
generated passwords is 10.
/QUEPRIO=value
Reserved for future use.
/REMOTE[=(range[,...])]
Specifies hours during which access is permitted for interactive logins
from network remote terminals (with the DCL command SET HOST). For a
description of the range specification, see the /ACCESS qualifier. By
default, remote logins have no access restrictions.
/SHRFILLM=value
Specifies the maximum number of shared files that the user can have
open at one time. By default, the system assigns a value of 0, which
represents an infinite number.
/TQELM
Specifies the total number of entries in the timer queue plus the
number of temporary common event flag clusters that the user can have
at one time. By default, a user can have 100.
/UIC=value
Specifies the user identification code (UIC). The UIC value is a group
number in the range from 1 to 37776 (octal) and a member number in the
range from 0 to 177776 (octal), which are separated by a comma and
enclosed in brackets. HP reserves group 1 and groups 300-377 for its
own use.
Each user must have a unique UIC. By default, the UIC value is
[200,200].
/WSDEFAULT=value
Specifies the default working set limit. This represents the initial
limit to the number of physical pages the process can use. (The user
can alter the default quantity up to WSQUOTA with the DCL command SET
WORKING_SET.) By default, a user has 4096 pagelets on Alpha and
Integrity server systems.
The value cannot be greater than WSMAX. This quota value replaces
smaller values of PQL_MWSDEFAULT.
/WSEXTENT=value
Specifies the working set maximum. This represents the maximum amount
of physical memory allowed to the process. The system provides memory
to a process beyond its working set quota only when it has excess free
pages. The additional memory is recalled by the system if needed.
The value is an integer equal to or greater than WSQUOTA. By default,
the value is 16384 pagelets on Alpha and Integrity server systems. The
value cannot be greater than WSMAX. This quota value replaces smaller
values of PQL_MWSEXTENT.
/WSQUOTA=value
Specifies the working set quota. This is the maximum amount of physical
memory a user process can lock into its working set. It also represents
the maximum amount of swap space that the system reserves for this
process and the maximum amount of physical memory that the system
allows the process to consume if the systemwide memory demand is
significant.
The value cannot be greater than the value of WSMAX and cannot exceed
8,192 pagelets on Alpha and Integrity server systems. This quota value
replaces smaller values of PQL_MWSQUOTA.
Description
The MODIFY command changes values in a SYSUAF user record. Most values
not in the command remain unchanged. If the UIC is changed, the value
of the corresponding identifier is also changed.
Modifications to the user record are not retroactive; thus, any changes
to quota values apply to the next process that is created but not to
the current one.
Examples
#1
UAF> MODIFY ROBIN /PASSWORD=SP0172
%UAF-I-MDFYMSG, user record(s) updated
The command in this example changes the password for user ROBIN without
altering any other values in the record.
#2
UAF> MODIFY ROBIN/FLAGS=RESTRICTED
%UAF-I-MDFYMSG, user record(s) updated
The command in this example modifies the UAF record for user ROBIN by
adding the login flag RESTRICTED.
MODIFY/IDENTIFIER
Modifies an identifier name, its associated value, or its attributes in
the rights database.
Format
MODIFY/IDENTIFIER id-name
Parameter
id-name
Specifies the name of an identifier to be modified.
Qualifiers
/ATTRIBUTES=(keyword[,...])
Specifies attributes to be associated with the modified identifier. The
following keywords are valid:
DYNAMIC
Allows unprivileged holders of the identifier to remove and to restore
the identifier from the process rights list by using the DCL command
SET RIGHTS_LIST.
HOLDER_HIDDEN
Prevents people from getting a list of users who hold an identifier,
unless they own the identifier themselves.
NAME_HIDDEN
Allows holders of an identifier to have it translated, either from
binary to ASCII or from ASCII to binary, but prevents unauthorized
users from translating the identifier.
NOACCESS
Makes any access rights of the identifier null and void. If a user is
granted an identifier with the No Access attribute, that identifier has
no effect on the user's access rights to objects. This attribute is a
modifier for an identifier with the Resource or Subsystem attribute.
RESOURCE
Allows holders of an identifier to charge disk space to the identifier.
Used only for file objects.
SUBSYSTEM
Allows holders of the identifier to create and maintain protected
subsystems by assigning the Subsystem ACE to the application images in
the subsystem. Used only for file objects.
To remove an attribute from the identifier, add a NO prefix to the
attribute keyword. For example, to remove the Resource attribute,
specify /ATTRIBUTES=NORESOURCE.
Note
If you specify the NORESOURCE keyword without naming any holder with
the /HOLDER qualifier, all holders lose the right to charge resources.
/HOLDER=username
Specifies the holder of an identifier whose attributes are to be
modified. The /HOLDER qualifier is used only in conjunction with the
/ATTRIBUTES qualifier.
If you specify /HOLDER, the /NAME and /VALUE qualifiers are ignored.
/NAME=new-id-name
Specifies a new identifier name to be associated with the identifier.
/VALUE=value-specifier
Specifies a new identifier value. Note that an identifier value cannot
be modified from a UIC to a non-UIC format or vice versa. The following
formats are valid for the value-specifier:
IDENTIFIER:n
An integer value in the range of 65,536 to 268,435,455. You can also
specify the value in hexadecimal (precede the value with %X) or octal
(precede the value with %O).
To differentiate general identifiers from UIC identifiers,
%X80000000 is added to the value you specify.
GID:n
GID is the POSIX group identifier. It is an integer value in the range
0 to 16,777,215 (%XFFFFFF). The system will add %XA400.0000 to the
value you specify and then enter this new value into the system
RIGHTSLIST as an identifier.
UIC:uic
A UIC value in the standard UIC format.
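The three value-specifier formats above map onto distinct ranges of a 32-bit identifier value, which is useful when reading values such as %X80010024 in AUTHORIZE output. The following is an added example, not code from the manual or from HP; the function names are hypothetical, and the packing of a UIC with the group in the high 16 bits and the member in the low 16 bits is an assumption not stated on this page.

```python
import re

GENERAL_BASE = 0x80000000            # added to IDENTIFIER:n values
GID_BASE = 0xA4000000                # %XA400.0000, added to GID:n values
GENERAL_MIN, GENERAL_MAX = 65_536, 268_435_455
GID_MAX = 0xFFFFFF
UIC_RE = re.compile(r"\[\s*([0-7]+)\s*,\s*([0-7]+)\s*\]")


def parse_number(text):
    """Accept decimal, %X (hexadecimal) or %O (octal) notation."""
    value = text.strip().upper()
    if value.startswith("%X"):
        return int(value[2:].replace(".", ""), 16)
    if value.startswith("%O"):
        return int(value[2:], 8)
    return int(value, 10)


def encode(value_specifier):
    """Return the 32-bit value stored for IDENTIFIER:n, GID:n or UIC:[g,m]."""
    kind, _, arg = value_specifier.partition(":")
    kind = kind.strip().upper()
    if kind == "IDENTIFIER":
        n = parse_number(arg)
        if not GENERAL_MIN <= n <= GENERAL_MAX:
            raise ValueError(f"IDENTIFIER value out of range: {n}")
        return GENERAL_BASE + n
    if kind == "GID":
        n = parse_number(arg)
        if not 0 <= n <= GID_MAX:
            raise ValueError(f"GID out of range: {n}")
        return GID_BASE + n
    if kind == "UIC":
        match = UIC_RE.fullmatch(arg.strip())
        if not match:
            raise ValueError(f"not a numeric UIC: {arg!r}")
        group, member = int(match[1], 8), int(match[2], 8)
        if not (1 <= group <= 0o37776 and member <= 0o177776):
            raise ValueError(f"UIC out of range: {arg!r}")
        return (group << 16) | member    # assumption: group in the high word
    raise ValueError(f"unknown value specifier: {value_specifier!r}")


def classify(stored):
    """Map a stored 32-bit value back to (format, value as entered)."""
    if GID_BASE <= stored <= GID_BASE + GID_MAX:
        return ("GID", stored - GID_BASE)
    if GENERAL_BASE + GENERAL_MIN <= stored <= GENERAL_BASE + GENERAL_MAX:
        return ("IDENTIFIER", stored - GENERAL_BASE)
    if stored < GENERAL_BASE:
        return ("UIC", "[%o,%o]" % (stored >> 16, stored & 0xFFFF))
    return ("UNKNOWN", stored)


def format_change_allowed(old_stored, new_specifier):
    """Apply the rule that a value cannot move between UIC and non-UIC format."""
    old_is_uic = classify(old_stored)[0] == "UIC"
    new_is_uic = classify(encode(new_specifier))[0] == "UIC"
    return old_is_uic == new_is_uic
```

The function format_change_allowed checks only the UIC versus non-UIC rule quoted above; it does not model any other validation that AUTHORIZE performs.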
Description
The MODIFY/IDENTIFIER command changes identifier names, associated
values, and attributes in the rights database. Values not specified in
the command remain unchanged.
Examples
#1
UAF> MODIFY/IDENTIFIER OLD_ID /NAME=NEW_ID
%UAF-I-RDBMDFYMSG, identifier OLD_ID modified
The command in this example changes the name of the OLD_ID identifier
to NEW_ID.
#2
UAF> MODIFY/IDENTIFIER/VALUE=UIC:[300,21] ACCOUNTING
%UAF-I-RDBMDFYMSG, identifier ACCOUNTING modified
The command in this example changes the old UIC value of the identifier
ACCOUNTING to a new value.
#3
UAF> MODIFY/IDENTIFIER/ATTRIBUTES=NORESOURCE-
_UAF> /HOLDER=CRAMER ACCOUNTING
%UAF-I-RDBMDFYMSG, identifier ACCOUNTING modified
The command in this example associates the attribute NORESOURCE with
the identifier ACCOUNTING in CRAMER's holder record. The identifier
ACCOUNTING is not changed.
MODIFY/PROXY
Modifies an entry in the network proxy authorization file to specify a
different local account as the default proxy account for the remote
user or to specify no default proxy account for the remote user.
The command modifies an entry in the network proxy authorization file
NET$PROXY.DAT and, to maintain compatibility with other systems,
modifies an entry in NETPROXY.DAT.
Note
You must modify the proxy database from a system running the current
OpenVMS system.
Format
MODIFY/PROXY node::remote-user
Parameters
node
Specifies a node name. If you specify an asterisk wildcard character
(*), the specified remote user on all nodes is served by the local user.
remote-user
Specifies the user name of a user at a remote node. If you specify an
asterisk wildcard character, all users at the specified node are served
by the local user.
For non-OpenVMS systems that implement DECnet, specifies the UIC of a
user at a remote node. You can specify an asterisk wildcard in the
group and member fields of the UIC.
Qualifier
/DEFAULT[=local-user]
/NODEFAULT
Designates the default user name on the local node through which proxy
access from the remote user is directed. If /NODEFAULT is specified,
removes the default designation.
Description
Use the MODIFY/PROXY command to specify a different local account as
the default proxy account for the remote user or to specify that there
is no default proxy account for the remote user. Whenever you modify
user entries, AUTHORIZE signals DECnet to update its volatile database.
Proxy modifications take effect immediately on all nodes in a cluster
that share the proxy database.
The first command in the following example grants remote user
STIR::YETTA proxy access to the PROXY1 and PROXY2 local accounts. The
default proxy account is PROXY1. The second command changes the default
proxy account to PROXY2.
UAF> ADD/PROXY STIR::YETTA PROXY1/DEFAULT, PROXY2
.
.
.
UAF> MODIFY/PROXY STIR::YETTA /DEFAULT=PROXY2
The next example shows the command used to remove the default proxy
designation.
UAF> MODIFY/PROXY STIR::YETTA /NODEFAULT
If you remove the default proxy designation as shown in the last
command, remote user STIR::YETTA must include the name of the proxy
account (PROXY1 or PROXY2) in the access control string of each network
operation to gain proxy access to the local system.
If no default proxy account is specified either in the network proxy
database or in the access control string of the DCL command, the system
attempts to perform the network operation using the default DECnet
account.
Example
UAF> MODIFY/PROXY MISHA::MARCO /DEFAULT=JOHNSON
%UAF-I-NAFADDMSG, record successfully modified in NETPROXY.DAT
The command in this example changes the default proxy account for user
MARCO on the remote node MISHA to the JOHNSON account.
MODIFY/SYSTEM_PASSWORD
Changes the systemwide password.
Note
The systemwide password is different from the password for the SYSTEM
user name. See the note in the Description.
This command operates similarly to the DCL command SET PASSWORD/SYSTEM.
Format
MODIFY/SYSTEM_PASSWORD=system-password
Parameter
system-password
Specifies the new systemwide password.
Qualifiers
None.
Description
For a detailed description of the effects of this command, see the
discussion of the SET PASSWORD/SYSTEM command in the HP OpenVMS Guide to System Security.
Example
UAF> MODIFY/SYSTEM_PASSWORD=ABRACADABRA
UAF>
This command changes the systemwide password to ABRACADABRA.
REMOVE
Deletes a SYSUAF user record and corresponding identifiers in the
rights database. The DEFAULT and SYSTEM records cannot be deleted.
Note
REMOVE/IDENTIFIER and REMOVE/PROXY are documented as separate commands.
Format
REMOVE username
Parameter
username
Specifies the name of a user in the SYSUAF.
Qualifier
/REMOVE_IDENTIFIER (default)
/NOREMOVE_IDENTIFIER
Specifies whether the user name and account name identifiers should be
removed from the rights database when a record is removed from the UAF.
If two UAF records have the same UIC, the user name identifier is
removed only when the second record is deleted. Similarly, the account
name identifier is removed only if there are no remaining UAF records
with the same group as the deleted record.
Description
If you remove a SYSUAF record for a user who also appears as a local
user in the network user authorization file, every network
authorization record for that user is also removed.
Example
UAF> REMOVE ROBIN
%UAF-I-REMMSG, record removed from SYSUAF.DAT
%UAF-I-RDBREMMSGU, identifier ROBIN value: [000014,000006] removed from
RIGHTSLIST.DAT
The command in this example deletes the record for user ROBIN from the
SYSUAF and ROBIN's UIC identifier from RIGHTSLIST.DAT.
REMOVE/IDENTIFIER
Removes an identifier from the rights database.
Format
REMOVE/IDENTIFIER id-name
Parameter
id-name
Specifies the name of an identifier in the rights database.
Qualifiers
None.
Example
UAF> REMOVE/IDENTIFIER Q1SALES
%UAF-I-RDBREMMSGU, identifier Q1SALES value %X80010024 removed from
RIGHTSLIST.DAT
The command in this example removes the identifier Q1SALES from the
rights database. All of its holder records are removed with it.
REMOVE/PROXY
Deletes network proxy access for the specified remote user.
Format
REMOVE/PROXY node::remote-user [local-user,...]
Parameters
node
Specifies the name of a network node in the network proxy authorization
file.
remote-user
Specifies the user name or UIC of a user on a remote node. The asterisk
wildcard character (*) is permitted in the remote-user specification.
local-user
Specifies the user names of 1 to 16 users on the local node. If no
local user is specified, proxy access to all local accounts is removed.
Qualifiers
None.
Example
UAF> REMOVE/PROXY MISHA::MARCO
%UAF-I-NAFREMMSG, proxy from MISHA::MARCO to * removed
The command in this example deletes the record for MISHA::MARCO from
the network proxy authorization file, removing all proxy access to the
local node for user MARCO on node MISHA.
RENAME
Changes the user name of the SYSUAF record (and, if specified, the
corresponding identifier) while retaining the characteristics of the
old record.
Note
RENAME/IDENTIFIER is documented as a separate command.
Format
RENAME oldusername newusername
Parameters
oldusername
Specifies the current user name in the SYSUAF.
newusername
Specifies the new name for the user. It can contain 1 to 12
alphanumeric characters and underscores. Although dollar signs are
permitted, they are usually reserved for system names.
Qualifiers
/GENERATE_PASSWORD[=keyword]
/NOGENERATE_PASSWORD (default)
Invokes the password generator to create user passwords. Generated
passwords can consist of 1 to 10 characters. Specify one of the
following keywords:
BOTH
Generate primary and secondary passwords.
CURRENT
Do whatever the DEFAULT account does (for example, generate primary,
secondary, both, or no passwords). This is the default keyword.
PRIMARY
Generate primary password only.
SECONDARY
Generate secondary password only.
When you modify a password, the new password expires automatically; it
is valid only once (unless you specify /NOPWDEXPIRED). On login, users
are forced to change their passwords (unless you specify
/FLAGS=DISFORCE_PWD_CHANGE).
Note that the /GENERATE_PASSWORD and /PASSWORD qualifiers are mutually
exclusive.
/MODIFY_IDENTIFIER (default)
/NOMODIFY_IDENTIFIER
Specifies whether the identifier associated with the user is to be
modified in the rights database. This qualifier applies only when you
modify the UIC or user name in the UAF record. By default, the
associated identifiers are modified.
/PASSWORD=(password1[,password2])
/NOPASSWORD
Specifies up to two passwords for login. Passwords can be from 0 to 32
alphanumeric characters in length. The dollar sign ($) and underscore
(_) are also permitted.
Uppercase and lowercase characters are equivalent. All lowercase
characters are converted to uppercase before the password is encrypted.
Avoid using the word password as the actual password.
Use the /PASSWORD qualifier as follows:
- To set only the first password and clear the second, specify
/PASSWORD=password.
- To set both the first and second password, specify
/PASSWORD=(password1, password2).
- To change the first password without affecting the second, specify
/PASSWORD=(password, "").
- To change the second password without affecting the first, specify
/PASSWORD=("", password).
- To set both passwords to null, specify /NOPASSWORD.
When you modify a password, the new password expires automatically; it
is valid only once (unless you specify /NOPWDEXPIRED). On login, the
user is forced to change the password (unless you specify
/FLAGS=DISFORCE_PWD_CHANGE).
Note that the /GENERATE_PASSWORD and /PASSWORD qualifiers are mutually
exclusive.
When you create a new UAF record with the RENAME command, you must
specify a password.
Description
The RENAME command renames a SYSUAF record. It changes the user name of
the SYSUAF record (and, if specified, the corresponding identifier)
while retaining the characteristics of the old record. Retention of
these characteristics can be particularly helpful when a user's name
changes.
Note that because password verification includes the user name as well
as the password, an attempted login will fail when the user whose name
has been changed attempts to log in with an old password. (Only null
passwords can be effectively transferred from one user record to
another by the RENAME command.) Make it a practice to include a new
password when you use the RENAME command, and notify the user of the
change. If you omit the /PASSWORD qualifier, you receive a warning
message reminding you that the old password must be changed.
The user's network authorization records are automatically changed to
the new name.
Examples
#1
UAF> RENAME HAWKES KRAMERDOVE/PASSWORD=MARANNKRA
%UAF-I-PRACREN, proxies to HAWKES renamed
%UAF-I-RENMSG, user record renamed
%UAF-I-RDBMDFYMSG, identifier HAWKES modified