Safeguard Administrator's Manual (G06.24+, H06.03+)
Table Of Contents
- What’s New in This Manual
- About This Manual
- 1 Introduction
- 2 Controlling User Access
- Introduction
- Using SAFECOM to Establish a Local User Community
- Using SAFECOM to Manage User Access to Your System
- Changing the Owner of a User Authentication Record
- Granting a User Temporary Access to Your System
- Requiring Users to Change Their Passwords
- Granting a Grace Period for Changing an Expired Password
- Forcing Immediate Expiration of a User’s Password
- Freezing a User's Ability to Access the System
- Specifying Auditing for a User ID
- Deleting Users
- Deleting Administrative Groups
- Using SAFECOM to Establish a Network of Users
- Using Safeguard With Nodes With Standard Security
- Identifying Network Users
- Granting a Network User Access to Objects on Your System
- Establishing a Community of Network Users
- Changes to the PAID During a User’s Session
- Additional Considerations for Aliases and Groups
- Additional Considerations for ACCESS with Network Specific Subject IDs
- Establishing Default Protection for a User's Disk Files
- Specifying a Default Command Interpreter for a User
- Establishing Guardian Defaults
- Assigning an Alias to a User
- 3 Managing User Groups
- 4 Securing Volumes and Devices
- 5 OBJECTTYPE Control
- 6 Managing Security Groups
- 7 Securing Terminals
- 8 Warning Mode
- 9 Configuration
- Safeguard Attributes
- Configuring User Authentication
- Configuring Password Control
- Configuring Device Control
- Configuring Process Control
- Configuring Disk-File Control
- Configuring Safeguard Auditing
- Configuring a Default Command Interpreter
- Configuring Communication With $CMON
- Configuring Logon Dialog
- Configuring Exclusive Access at Safeguard Terminals
- Configuring Warning Mode
- Configuring Persistence
- Configuring Attributes for Node Specific Subjects in ACLs
- 10 Installation and Management
- Safeguard Components
- Process Considerations for the SMP and SAFECOM
- Safeguard Subsystem Management Commands
- General Installation Procedure
- Installing the Safeguard Software
- Starting the SMP
- Converting to the Safeguard Subsystem
- Updating the Safeguard Software
- Guidelines for Securing the Safeguard Subsystem
- Monitoring the Safeguard Subsystem
- A SAFECOM Command Syntax
- Index
Index
Safeguard Administrator’s Manual—523317-013
Index-3
E
DETAIL option
of INFO OBJECTTYPE command 5-6
of INFO USER command 2-12
Device security commands 4-1
Devices
adding to the Safeguard database 4-4
valid ACCESS authorities 4-4
E
Effective group ID 2-33
Establishing a network of users 2-26
Establishing a user community 2-4
Establishing network users 2-29
Exclusive access at Safeguard
terminals 7-1, 9-21
Expiration date for users 2-16
F
FREEZE DEVICE command 4-1
FREEZE OBJECTTYPE command 5-3
FREEZE SECURITY-GROUP
command 6-6
FREEZE TERMINAL command 7-5
FREEZE USER command 2-10, 2-24
FREEZE VOLUME command 4-1
G
Grace period 2-22, 7-2, 9-5
GRANT option 8-2, 9-21
Group
administrative 2-4, 3-1
as an object type 5-4
commands 3-1
file-sharing 2-4, 3-1
list 2-33
security 6-1
Guardian
default security 2-6, 2-37, 8-2
default volume 2-6, 2-37
fallback option 8-2, 9-21
GUARDIAN DEFAULT SECURITY
attribute 2-6, 2-38
GUARDIAN DEFAULT VOLUME
attribute 2-6, 2-38
I
Identifying network users 2-27
INFO DEVICE command 4-1
INFO GROUP command 3-2
INFO OBJECTTYPE
command 5-3
DETAIL option 5-6
INFO SAFEGUARD command 10-4
INFO SECURITY-GROUP command 6-3
INFO TERMINAL command 7-3
INFO USER
CI option 2-37
command 2-10
DEFAULT-PROTECTION option 2-34
GENERAL option 2-19
INFO VOLUME command 4-1
INITIAL-DIRECTORY attribute 2-10
INITIAL-PROGRAM attribute 2-10
INITIAL-PROGTYPE attribute 2-10
L
Login name 2-33
Logon dialog 7-2, 9-20
M
Managing network users
with SAFECOM commands 2-27
with standard security 2-27
Managing the audit files 10-13
Monitoring Safeguard status 10-12
N
NAMED process protection records 9-11
NAMELOGON attribute 9-20