Safeguard Reference Manual (G06.24+, H06.03+ )
User Security Commands
Safeguard Reference Manual—520618-013
5-2
Who Can Manage User Security
user’s ability to log on to the system, and delete the user (ALTER USER, FREEZE
USER, THAW USER, and DELETE USER commands, respectively).
The original primary owner and the secondary owners of a user authentication record
can change the OWNER attribute to the user ID of any other user. That other user then
has control of the user’s ability to access the system. At any time, the new primary
owner (or the secondary owners or the primary owner’s group manager or the super
ID) can transfer ownership to yet another user.
When the Safeguard software converts a user authentication record that was added by
the Guardian ADDUSER program, it sets the OWNER attribute of that record to the
group manager of the administrative group to which the user belongs.
The ability to display a user’s security attributes through the INFO USER command is
restricted to these users:
•
The user
•
The primary and secondary owners of the user’s authentication record
•
The primary owner’s group manager
•
The super ID
Table 5-1 shows who can use the user security commands to display, add, modify, or
delete a user’s authentication record.
Table 5-1. Who Can Use the User Security Commands (page 1 of 2)
USER Command Who Can Use
SET USER LIKE User, primary and secondary record owners, primary owner’s group
manager, and super ID
INFO USER User, primary and secondary record owners, primary owner’s group
manager, and super ID
ALTER USER Primary and secondary record owners, primary owner’s group
manager, and super ID
FREEZE USER Primary and secondary record owners, primary owner’s group
manager, and super ID
THAW USER Primary and secondary record owners, primary owner’s group
manager, and super ID
DELETE USER Primary and secondary record owners, primary owner’s group
manager, and super ID