Safeguard Administrator's Manual (G06.24+, H06.03+)
Table Of Contents
- What’s New in This Manual
- About This Manual
- 1 Introduction
- 2 Controlling User Access
- Introduction
- Using SAFECOM to Establish a Local User Community
- Using SAFECOM to Manage User Access to Your System
- Changing the Owner of a User Authentication Record
- Granting a User Temporary Access to Your System
- Requiring Users to Change Their Passwords
- Granting a Grace Period for Changing an Expired Password
- Forcing Immediate Expiration of a User’s Password
- Freezing a User's Ability to Access the System
- Specifying Auditing for a User ID
- Deleting Users
- Deleting Administrative Groups
- Using SAFECOM to Establish a Network of Users
- Using Safeguard With Nodes With Standard Security
- Identifying Network Users
- Granting a Network User Access to Objects on Your System
- Establishing a Community of Network Users
- Changes to the PAID During a User’s Session
- Additional Considerations for Aliases and Groups
- Additional Considerations for ACCESS with Network Specific Subject IDs
- Establishing Default Protection for a User's Disk Files
- Specifying a Default Command Interpreter for a User
- Establishing Guardian Defaults
- Assigning an Alias to a User
- 3 Managing User Groups
- 4 Securing Volumes and Devices
- 5 OBJECTTYPE Control
- 6 Managing Security Groups
- 7 Securing Terminals
- 8 Warning Mode
- 9 Configuration
- Safeguard Attributes
- Configuring User Authentication
- Configuring Password Control
- Configuring Device Control
- Configuring Process Control
- Configuring Disk-File Control
- Configuring Safeguard Auditing
- Configuring a Default Command Interpreter
- Configuring Communication With $CMON
- Configuring Logon Dialog
- Configuring Exclusive Access at Safeguard Terminals
- Configuring Warning Mode
- Configuring Persistence
- Configuring Attributes for Node Specific Subjects in ACLs
- 10 Installation and Management
- Safeguard Components
- Process Considerations for the SMP and SAFECOM
- Safeguard Subsystem Management Commands
- General Installation Procedure
- Installing the Safeguard Software
- Starting the SMP
- Converting to the Safeguard Subsystem
- Updating the Safeguard Software
- Guidelines for Securing the Safeguard Subsystem
- Monitoring the Safeguard Subsystem
- A SAFECOM Command Syntax
- Index
Index
Safeguard Administrator’s Manual—523317-013
Index-5
R
Process stop modes 8-3
Protecting an entire object type 5-3
Protecting an object 4-2
R
Remote passwords
converting to Safeguard
protection 10-9
for network users 2-28
REMOTEPASSWORD attribute 2-6
RESET DEVICE command 4-1
RESET OBJECTTYPE command 5-3
RESET USER command 2-10
RESET VOLUME command 4-1
RESET-BINARY-DESCRIPTION
attribute 2-8
Returning to a previous RVU 10-10
RPASSWRD program 2-27, 10-9
S
SAFECOM 10-1
command syntax A-3
commands for network users 2-27
PIN considerations 10-3
Safeguard management
commands 10-4
securing the SAFECOM program
file 10-11
security commands 4-1
syntax elements A-1
user security commands 2-10
Safeguard
components 10-1
management commands 10-4
Safeguard console messages 10-13
Safeguard management commands 10-4
Safeguard software, updating to a new
product version 10-9
Safeguard status, monitoring 10-12
Securing an entire object type 5-3
Securing devices 4-4
Securing disk volumes 4-3
Securing subdevices 4-4
Securing terminals 7-1
Securing the Safeguard software,
guidelines for 10-11
Security administrator 1-3
Security group, creating 6-1
Security Manager Process (SMP)
defined 10-1
starting the SMP 10-7
Security Monitor (SMON) 10-1, 10-2
Security officer 1-3
Security planning 1-3
Security policy
importance of 1-2
types of 1-3
SECURITY-ADMINISTRATOR group 6-1
SECURITY-OSS-ADMINISTRATOR
group 6-1
SECUTITY-OSS-ADMINISTRATOR
privileges over the normal users 6-1
Sensitive objects 10-11
SET DEVICE command 4-1
SET OBJECTTYPE command 5-3
SET USER command 2-10
SET VOLUME command 4-1
SHOW DEVICE command 4-1
SHOW OBJECTTYPE command 5-3
SHOW USER command 2-10
SHOW VOLUME command 4-1
SMON (Security Monitor) 10-1
SMON (Security Monitor) Process 10-2
SMP PIN considerations 10-3
SMP (Security Manager Process)
defined 10-1
starting the SMP 10-7
Special considerations
for devices 4-4
for subdevices 4-4
for volumes 4-3