Manualshelf

H06.12 Software Installation and Upgrade Guide

ManualsBrandsHP ManualsServerHP Integrity NonStop Release and Migration
51525354555657585960
4. Users are prompted to change their password when logging into the system if:
Their user account existed before the installation of the H03 version of Safeguard, or
They are new users and their password was encrypted in DES or not encrypted at all
before PASSWORD-ALGORITHM was changed to HMAC256.
When prompted, users should enter and re-enter a new password and log onto the
system as usual.
5. For new users that were added to the system after PASSWORD-ALGORITHM was changed
to HMAC256, the system administrator must reset their passwords to enable them to log
onto the system. Otherwise, the users cannot access the system after fallback.
Migration With Standard Security (Safeguard Not Installed)
Once the new version is installed, use the new PWCONFIG utility to modify the appropriate
attributes if you do not want to accept the new default values.
Fallback With Standard Security (Safeguard Not Installed)
In all cases, install the previous version of Standard Security.
If ENCRYPTPASSWORD is OFF or ALGORITHM is set to DES, no extra fallback steps are
required.
If ALGORITHM is set to HMAC256:
When users first change their password after HMAC256 is enabled, they must remember
their immediate previous password.
After fallback, users must use their old password to log onto the system if:
Their user account existed before the installation of the H03 version of Standard Security,
or
They are new users whose password was encrypted in DES or not encrypted at all
before ALGORITHM was changed to HMAC256.
If a user was added to the system after ALGORITHM was changed to HMAC256, they must
use a blank password to log onto the system.
Safeguard Support for OSS Access Control List
The H03 and later versions of Safeguard and Standard Security are enhanced to support the OSS
Access Control List (ACL) feature. A new security group, SECURITY-OSS-ADMINISTRATOR,
and a new Safeguard configuration attribute, AUDIT-CLIENT-OSS, are provided to support this
feature.
Fallback Considerations for OSS ACL
After fallback, the AUDIT-CLIENT-GUARDIAN attribute, which is a synonym for
AUDIT-CLIENT-SERVICE, is longer be applicable.
After fallback, if OSS-related operations are to be audited, enable the
AUDIT-CLIENT-SERVICE attribute if it is not already enabled.
To restore backup tapes from an H06.08 or later RVU to H06.05, H06.06, or H06.07 RVU,
you must install the T0744H01^AAA Backup/Restore 2 SPR. This SPR is required because
changes have been made to the information stored with each object. A Backup/Restore 2
SPR is not available for pre-H06.05 systems.
Safeguard Longer Password Length
Starting with the H04 version of Safeguard, the maximum allowed Safeguard password length
is increased from 8 bytes to 64 bytes.
Safeguard Support for OSS Access Control List 55