Safeguard Audit Service Manual (G06.29+, H06.08+, J06.03+)
Specifying Auditing
Safeguard Audit Service Manual — 520480-031
3. If the supplied password matches the password in the authentication record, the
Safeguard subsystem checks the values of these attributes in the authentication
record:
• STATUS frozen/thawed
• USER EXPIRES date, time
• PASSWORD EXPIRES date, time
4. If the current status is frozen, the user authentication record has expired, or the
user's password has expired, the logon attempt fails. (See the note following this
list.) When a logon attempt fails for any of these reasons, the value of the
AUDIT-AUTHENTICATE-FAIL attribute is checked to determine whether to record
the failed logon attempt in the current audit file.
5. If a logon attempt passes these checks, the AUDIT-AUTHENTICATE-PASS
attribute for that user name is checked to determine whether to record the logon
attempt in the current audit file. Then the logon attempt is allowed to complete
successfully.
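The following added example (not part of the manual) models steps 3 through 5 in Python to show which rejected logons would leave no audit record. The AuthRecord class, the ALL/LOCAL/REMOTE/NONE value set, the order of the checks and the expiry comparison are assumptions; global audit attributes are not modeled.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

@dataclass
class AuthRecord:
    """Hypothetical stand-in for a user authentication record."""
    name: str
    frozen: bool = False                          # STATUS frozen/thawed
    user_expires: Optional[datetime] = None       # USER EXPIRES (None = no expiry)
    password_expires: Optional[datetime] = None   # PASSWORD EXPIRES (None = no expiry)
    audit_pass: str = "NONE"                      # AUDIT-AUTHENTICATE-PASS
    audit_fail: str = "NONE"                      # AUDIT-AUTHENTICATE-FAIL

def audited(setting: str, remote: bool) -> bool:
    # Assumed value set: ALL, LOCAL, REMOTE, NONE (selected by origin of the attempt).
    return setting == "ALL" or setting == ("REMOTE" if remote else "LOCAL")

def evaluate_logon(rec: AuthRecord, now: datetime, remote: bool = False):
    """Steps 3-5, entered only after the supplied password has matched.
    Returns (allowed, reason, audit_record_written)."""
    if rec.frozen:                                # assumed check order: status first
        reason = "frozen"
    elif rec.user_expires is not None and now >= rec.user_expires:
        reason = "user expired"
    elif rec.password_expires is not None and now >= rec.password_expires:
        reason = "password expired"
    else:
        return True, "ok", audited(rec.audit_pass, remote)
    return False, reason, audited(rec.audit_fail, remote)

def silent_failures(records, now, remote=False):
    """Users for whom a correct password is rejected and no audit record is written."""
    results = [(r.name, evaluate_logon(r, now, remote)) for r in records]
    return [(name, reason) for name, (ok, reason, written) in results if not ok and not written]

# Constructed sample records, not taken from any real system.
NOW = datetime(2024, 1, 15, 9, 0)
USERS = [
    AuthRecord("OPS.ALICE", audit_pass="ALL", audit_fail="ALL"),
    AuthRecord("OPS.BOB", frozen=True, audit_pass="ALL"),   # fail auditing left at NONE
    AuthRecord("DEV.CAROL", password_expires=datetime(2024, 1, 1), audit_fail="LOCAL"),
    AuthRecord("DEV.DAVE", user_expires=datetime(2023, 12, 31), audit_fail="ALL"),
]

if __name__ == "__main__":
    for name, reason in silent_failures(USERS, NOW):
        print(f"{name}: rejected ({reason}) with no audit record")
```

In this model a frozen user with only pass auditing configured is the blind spot: a correct password is presented, the logon is refused, and nothing reaches the audit file.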
When a user attempts to perform a privlogon on a system protected by the Safeguard
subsystem (by specifying the option bits 2 and 15 as 1 for a User_Authenticate_
procedure), the user's identity is authenticated without validation of the user's
password. The AUDIT-PRIV-LOGON attribute, in conjunction with the
AUDIT-DISKFILE-PRIV-LOGON attribute, determines whether an audit is generated
for a PRIVLOGON request originating from this program file.
Auditing Automatic Logoffs
If you successfully log on at a terminal where a previous user is logged on, the
Safeguard subsystem automatically logs off the previous user. Auditing for this type of
logoff is controlled by the AUDIT-AUTHENTICATE-PASS attribute of the logged-off
user.
Auditing TACL Logoff
If you issue a LOGOFF or an EXIT command at the TACL prompt to log off from a
terminal, the Safeguard subsystem generates an audit with the operation set as
TACLLOGOFF. Auditing for this type of logoff is controlled by either of the following
Safeguard global configuration attributes or the user-level attribute, based on the
AUDIT-TACLLOGOFF global configuration:
• AUDIT-PROCESS-ACCESS
• AUDIT-AUTHENTICATE-PASS
Note. If the group manager or the super ID attempts to log on as another user and
PASSWORD-REQUIRED is OFF, the logon succeeds without a password. Auditing is
performed if specified.
Note. This information is supported only on systems
running H06.11 and later H-series RVUs.