Safeguard Administrator's Manual (G06.29+, H06.08+, J06.03+)
Controlling User Access
Safeguard Administrator’s Manual—523317-029
2-30
Establishing a Community of Network Users
On the remote system, \LA
ADMIN.BOB is given a remote password for his system, \LA:
=ALTER USER 1,0, REMOTEPASSWORD \LA abc
On the local system, \NY
Give ADMIN.BOB a remote password for his system, \LA:
=ALTER USER 1,0, REMOTEPASSWORD \LA abc
Now the network user ADMIN.BOB has two-way access between \NY and \LA. The
difference between one-way access and two-way access for a network user can be
diagrammed as:
ONE-WAY ACCESS (from \LA to \NY):
System \NY System \LA
User Name : ADMIN.BOB User Name : ADMIN.BOB
User ID : 1,0 User ID : 1,0
Remote Password: \NY xyz Remote Password: \NY xyz
With these remote passwords, ADMIN.BOB can access objects on \NY from \LA.
ONE-WAY ACCESS (from \NY to \LA):
System \NY System \LA
User Name : ADMIN.BOB User Name : ADMIN.BOB
User ID : 1,0 User ID : 1,0
Remote password: \LA abc Remote password: \LA abc
With these remote passwords, ADMIN.BOB can access objects on \LA from \NY.
TWO-WAY ACCESS (between \NY and \LA):
System \NY System \LA
User Name : ADMIN.BOB User Name : ADMIN.BOB
User ID : 1,0 User ID : 1,0
Remote password: \NY xyz Remote password: \NY xyz
Remote password: \LA abc Remote password: \LA abc
With these remote passwords, ADMIN.BOB can access objects on \NY from \LA, and
he can access objects on \LA from \NY.
Establishing a Community of Network Users
Because network users must have the same user name and user ID on every node to
which they have access, the assignment of group names to group numbers must be
coordinated at each node. For example, a user at the node \LA named ADMIN.BOB
with a user ID of 1,0 cannot be granted access to any system where the group
number 1 is assigned to a group name other than ADMIN. Also, ADMIN.BOB cannot