Manualshelf

Safeguard Administrator's Manual (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
41424344454647484950
Controlling User Access
Safeguard Administrator’s Manual—523317-029
2-17
Granting a User Temporary Access to Your System
sequence of SAFECOM commands. ADMIN.MANAGER begins by displaying the
current user attributes defined for ADMIN.BOB:
=INFO USER admin.bob
This INFO display shows that the user authentication record for ADMIN.BOB is
currently owned by 1,255 (ADMIN.MANAGER). ADMIN.MANAGER now gives the user
authentication record for ADMIN.BOB to SECURITY.SUSAN with this command:
=ALTER USER admin.bob, OWNER security.susan
Then SECURITY.SUSAN checks the INFO display:
=INFO USER admin.bob
Now the display shows that 200,1 (SECURITY.SUSAN) owns the user authentication
record for ADMIN.BOB. ADMIN.MANAGER has thus limited the ability to change the
user authentication record for ADMIN.BOB to only three users: SECURITY.SUSAN,
her group manager, and the super ID. Now that she owns this user authentication
record, SECURITY.SUSAN can use the ALTER USER command to control the ability
of ADMIN.BOB to access the system.
Granting a User Temporary Access to Your System
Occasionally, an installation needs to limit the period that a user has access to the
system. For example, if you hire a contract programmer for only a few weeks, the
security administrator might want to limit that programmer's ability to access the
system to the term of employment.
To control the length of time that a user can access the system, specify a USER-
EXPIRES date for the user. The USER-EXPIRES attribute is contained in every user
authentication record. Its default value is no expiration date.
For example, assume you are the manager of the SOFTWARE group (user ID 4,255).
The following sequence of SAFECOM commands adds a user whose ability to access
the system expires on December 19, 2005.
Reset the default user attributes to predefined values:
=RESET USER
Set default values for the USER-EXPIRES and PASSWORD attributes:
=SET USER USER-EXPIRES Dec 19 2005
=SET USER PASSWORD b9v7
GROUP.USER USER-ID OWNER LAST-MODIFIED LAST-LOGON STATUS WARNING-MODE
ADMIN.BOB 1,0 1,255 17JUN05, 11:22 * NONE * THAWED OFF
GROUP.USER USER-ID OWNER LAST-MODIFIED LAST-LOGON STATUS WARNING-MODE
ADMIN.BOB 1,0 200,1 20JUN05, 11:25 * NONE * THAWED OFF