Security Management Guide (G06.24+, H06.03+)
Guardian System Security
Security Management Guide—522283-008
2-3
Guardian User Security
Guardian User Security
Users on a NonStop system fall into one of these four classes. Each class is
determined by the user ID:
Identifying System Users
Each system user has a unique user name and user ID. A user name is in the form:
group-name.member-name
where group-name is the name of the administrative group to which the user belongs
and member-name identifies the individual user within the group.
A user ID is a pair of integers in the form:
group-number,member-number
where group-number identifies the user’s administrative group and member-number
identifies the user within the group. Each integer is in the range 0 through 255.
All user names and user IDs are kept in a system file. During a logon procedure, the
system checks this file to ensure that the user name in the LOGON command is valid
and that the correct password is supplied if required.
In addition to the user name and user ID, a user can also be assigned aliases. User
aliases can only be defined using the Safeguard software as described in Assigning
User Aliases on page 3-10.
Adding System Users
When a new system is initialized, only two users exist:
•
The super ID with the user name SUPER.SUPER and the user ID 255,255
•
A null user with the user name NULL.NULL and the user ID 0,0
General users Log on to a system to run one or more specific applications such
as a text editor or manufacturing application. (General users
are sometimes called application users.)
Group managers Are responsible for members of a specific administrative group
on the system. The user ID is n,255, where n is the number of
the group.
The super group Performs various system functions such as managing system
files, disks, and other devices. The user ID is 255,n, where n is
an integer from 1 through 254.
The super ID Can access files, processes, and devices for the entire system
with no restrictions. The user ID is 255,255.