Security Management Guide (G06.24+, H06.03+)

Safeguard System Security
Security Management Guide 522283-008
• Ability to specify different command interpreters to be started automatically after
  logon for different users (for example, you can specify SAFECOM as the initial
  command interpreter for the security staff)
• Ability to specify that the user logged on at the terminal has exclusive access to it
To have Safeguard control the logon process at a particular terminal, use SAFECOM to
create a terminal definition with the ADD TERMINAL command. For more information
about creating terminal definitions, see the Safeguard Administrator’s Manual and the
Safeguard Reference Manual.
The Safeguard software also allows you to implement a security event-exit process to
enforce site-specific password requirements. An event-exit process is a user-written
process that participates in security policy enforcement.
Vacations and Other Absences
Develop a procedure for freezing user IDs during vacations and other absences. Also
develop a procedure for thawing user IDs upon return. Be sure this procedure is
expedient and reliable so users can resume work as soon as possible.
When Employees Leave
Develop a procedure for eliminating user IDs of employees who leave the company. In
general, perform these tasks when removing a user from the system:
1. Delete any user aliases associated with the user ID with the SAFECOM DELETE
ALIAS command.
2. Delete the user ID with the SAFECOM DELETE USER command.
3. Determine the disposition of the user’s files. Reassign critical files to another user
and delete unimportant files.
4. Remove entries for the user ID from access control lists of critical system objects.
Inform other users to remove any entries for access control lists that they control.
5. If the user ID is a network ID, inform the administrators of all systems where the
user ID is valid. Be sure the preceding steps are followed for the user ID on these
other systems.
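The five steps above can be turned into an ordered task list for each departing user. The following Python is an added example, not part of this guide or of the Safeguard software; the Departure record, the offboarding_plan function and every user, file and system name are constructed for illustration, and only the DELETE ALIAS and DELETE USER command names come from the text.

```python
from dataclasses import dataclass, field

@dataclass
class Departure:
    """Constructed inventory for one departing user (all values hypothetical)."""
    user_id: str                                        # group.member form
    aliases: list = field(default_factory=list)
    files: dict = field(default_factory=dict)           # file -> new owner, or None to delete
    acl_entries: dict = field(default_factory=dict)     # object -> user who controls its ACL
    remote_systems: list = field(default_factory=list)  # non-empty for a network ID

def offboarding_plan(d, admin):
    """Return the ordered (kind, task) list for removing d.user_id, following steps 1-5."""
    plan = []
    # Step 1: aliases first. Alias names are case-sensitive, so keep them verbatim.
    for alias in d.aliases:
        plan.append(("safecom", f"DELETE ALIAS {alias}"))
    # Step 2: the user ID itself.
    plan.append(("safecom", f"DELETE USER {d.user_id}"))
    # Step 3: every file gets a decision: reassign (critical) or delete (unimportant).
    for name, new_owner in sorted(d.files.items()):
        action = f"reassign {name} to {new_owner}" if new_owner else f"delete {name}"
        plan.append(("manual", action))
    # Step 4: ACLs the administrator controls are cleaned directly; the rest are
    # grouped by controlling user so that each user receives a single notification.
    notify = {}
    for obj, controller in sorted(d.acl_entries.items()):
        if controller == admin:
            plan.append(("manual", f"remove {d.user_id} from ACL of {obj}"))
        else:
            notify.setdefault(controller, []).append(obj)
    for controller, objs in sorted(notify.items()):
        plan.append(("notify", f"{controller}: remove {d.user_id} from ACL of {', '.join(objs)}"))
    # Step 5: a network ID must be removed on every system where it is valid.
    for system in d.remote_systems:
        plan.append(("notify", f"administrator of {system}: repeat steps 1-4 for {d.user_id}"))
    return plan

# Constructed sample data, not taken from any real system.
SAMPLE = Departure(
    user_id="SALES.FRED",
    aliases=["FredSmith", "fsmith"],
    files={"$DATA.SALES.LEDGER": "SALES.MGR", "$DATA.SALES.SCRATCH": None},
    acl_entries={"$DATA.PAYROLL.MASTER": "SECURITY.ADMIN", "$DATA.MKTG.PLAN": "MKTG.MGR"},
    remote_systems=["\\WEST"],
)

if __name__ == "__main__":
    for kind, task in offboarding_plan(SAMPLE, admin="SECURITY.ADMIN"):
        print(f"[{kind}] {task}")
```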
Assigning User Aliases
User aliases are defined using SAFECOM ALIAS commands. A user alias is an
alternate name that can be assigned to a user for purposes of logging on to the
system. An alias name has more flexible syntax than a user’s user name. An alias
name is case-sensitive and can be up to 32 characters long.
An alias authentication record contains the same set of attributes found in a user
authentication record. However, each alias assigned to a user can have a unique set of