Safeguard Reference Manual (G06.24+, H06.03+ )

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

121

122

123

124

125

126

127

128

129

130

User Security Commands

Safeguard Reference Manual—520618-013

5-21

ALTER USER Command

Considerations

•

Changing your logon password

Only the owner of a user’s authentication record or the owner’s group manager

can use the ALTER USER command to change a user’s password. However, with

the Guardian PASSWORD program, any users can change their own password. In

addition, users can change their own passwords during logon.

For example, this command changes the user’s logon password to itsme:

4> PASSWORD itsme

When you change your logon password, your Safeguard authentication record is

automatically updated.

Your password is subject to restrictions defined by the configuration attributes

described in Section 16, Safeguard Subsystem Commands.

•

Adding or deleting default protection while a user is logged on

If you add or delete default protection for a user while that user is logged on, and

the user subsequently creates a disk file during that session, the FUP INFO and

TACL FILEINFO displays are not updated until the next time the disk file’s

protection record is altered.

•

Changing Guardian default security while a user is logged on

If you change the Guardian default disk file security for a user while that user is

logged on, the change does not take effect until the next time the user logs on or

issues a Guardian VOLUME command.

•

Changing a user’s primary group

Programmatic logon sets the group list of a process to contain the user’s entire

group list and also copies the user’s primary group to the real group ID, effective

group ID, and saved set-group-ID of the process. Because a user’s primary group

can differ from that user’s administrative group, the effective group ID of a process

can differ from the administrative group of the process as defined by the PAID.

Examples

1. The PRS group manager owns the authentication record for PRS.DARLENE. The

manager enters the following command to transfer primary ownership of that

record to the user who has user ID 86,2 and to require that Darlene change her

logon password every 35 days:

=ALTER USER prs.darlene, OWNER admin.sue, &

=PASSWORD-MUST-CHANGE EVERY 35 DAYS

Because the OWNER attribute for PRS.DARLENE was changed to a member of

another group, PRS.MANAGER can no longer manage this authentication record.