Expand Configuration and Management Manual (H06.21+, J06.10+)
Managing the Network
Expand Configuration and Management Manual — 529522-013
18 - 7
Setting Up Network Security
Setting Up Network Security
One of the first tasks you must perform after completing the network configuration is to
set up access to remote resources for network users. To access a process, device, or
file on a remote system, a user must have the appropriate access. Topics explained in
this section include:
•
Remote File Security
•
Remote Process Security
•
Remote TACL Processes
•
Global Remote Passwords
•
Subnetwork Security
•
Remote Super ID User
•
Additional Security Techniques
Remote File Security
A user on node \WEST who wants to access a file (including a disk file, device, or
process) on a node \EAST must satisfy these requirements:
•
The user must also be established as a user on node \EAST.
•
The user must have matching remote passwords established on both nodes.
•
To access a disk file, the user on node \WEST must have authority to access the
file on node \EAST as a remote accessor.
Each of these requirements is described in these subsections.
Establishing Global User IDs
Each user is known to the local node by a user name and a user ID (for example,
ADMIN.BILL and 6,14). A user can access files on a remote node only if the user’s
user name and user ID are also known to the remote node.
For example, if ADMIN.BILL, who is on node \WEST
, wants to access a file on remote
node \EAST, the remote node must also have a user identified as ADMIN.BILL with a
user ID of 6,14. A super group user (user ID 255,255) or a group manager at node
\EAST must add ADMIN.BILL with the TACL ADDUSER command.
You can also use the Safeguard command interpre
ter, SAFECOM, to define user
authentication records. For more information on SAFECOM, see the Safeguard
Administrator’s Manual.
You can verify user names and IDs with the USERS co
mmand. As shown in this
example, the USERS command returns the default group and user of the user’s logon,
the group user ID, the current security, and the default volume and subvolume:
1> USERS