Manualshelf

H06.08 Release Version Update Compendium

ManualsBrandsHP ManualsServerHP Integrity NonStop Release and Migration
21222324252627282930
Manageability Products
H06.08 Release Version Update Compendium543560-001
6-3
Safeguard Support for OSS ACL
can have a value between 0 and 64 inclusive, or between 0 and
PASSWORD-MAXIMUM-LENGTH inclusive, whichever is smaller.
There are special considerations. PASSWORD-MINIMUM-LENGTH is reset to 6 when
PASSWORD-MINIMUM-LENGTH is greater than 8 and one of these situations is true:
PASSWORD-ENCRYPT is changed from ON to OFF.
PASSWORD-ALGORITHM is changed from HMAC256 to DES.
Enabling the Longer Password Feature
By default, the longer password feature is disabled. Upon migration to the H06.08
RVU, the following Safeguard configuration attributes must be changed using
SAFECOM or PWCONFIG:
1. Change PASSWORD-COMPATIBILITY-MODE to OFF.
2. Change PASSWORD-MAXIMUM-LENGTH to a value greater than 8 characters.
Changes to the Guardian Procedure Call
USER_AUTHENTICATE_( )
The USER_AUTHENTICATE_( ) procedure is enhanced to accept passwords of length
greater than eight characters. The inputtext-len parameter, which specifies the length
of the inputtext string in bytes, is enhanced to accept a value of up to 256 bytes. Also,
a new bit has been defined in the options parameter. Bit 4 of the options parameter,
when set, indicates that the password field can be up to 64 characters long. A new
status value of 23 is defined to inform the user that a long password was specified
when the PASSWORD-COMPATIBILITY-MODE attribute was set to ON. Only the first
eight characters of the specified password are accepted as the new password. This
status takes effect when the error value returned is 0.
For more information, see the Guardian Procedure Calls Reference Manual.
Safeguard Support for OSS ACL
The new Safeguard Security-Group, SECURITY-OSS-ADMINISTRATOR, resembles
the SECURITY-ADMINISTRATOR and SYSTEM-OPERATOR security groups in that it
is managed through similar SAFECOM or SPI commands. Members of the
SECURITY-OSS-ADMINISTRATOR security group are granted additional OSS
security management privileges over normal users, such as the ability to change the
ownership and permissions of OSS files and directories. This group does not exist until
it is added to the Safeguard database.
The new Safeguard configuration attribute, AUDIT-CLIENT-OSS, is used to determine
whether OSS audit records are written to the Safeguard audit trail. This new attribute
allows for the auditing of OSS related operations to be configured independently of the
existing AUDIT-CLIENT-SERVICE attribute, which currently controls OSS and all other
subsystem client auditing. A synonym, AUDIT-CLIENT-GUARDIAN, is also created for