Security Management Guide (G06.29+, H06.08+, J06.03+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

121

122

123

124

125

126

127

128

129

130

Concerns for the User

Security Management Guide — 522283-021

7 - 6

Privileged User Classes

If you are a general user, you might have to call on a privileged user to handle certain

tasks. If you are a privileged user, you might have to handle some tasks for a general

user.

Privileges of the Super ID

The local super ID (255,255) has unrestricted access to the entire local system unless

Safeguard security mechanisms have been used to restrict the powers of the super ID.

A remote super ID has more restricted access to the local system. The remote super

ID has only the privileges associated with a remote member of the super group.

Privileges of the Super Group

Super-group IDs (255,n), also called system-operator IDs, have the privileges needed

to operate the system. For example, these operators can start and stop devices. The

detailed privileges available to members of the super group are described in the

Guardian manuals. File-sharing members of the super group do not automatically

receive the privileges associated with that group. For more information, see 

File-Sharing Groups on page 6-2.

Privileges of a Group Manager

Each administrative group can have a group manager, who is member number 255

within the group. A group-manager ID (n,255) operates much like the super ID, but

only for operations affecting members of that administrative group. For example, a

group manager ID might be able to add new members to the administrative group and

also log on as a group member without knowing the group member’s password.

If a group member forgets their password, the group manager might be able to log on

as that member at the manager’s terminal so that the member can change the

password.

To provide tighter security, some organizations do not define group-manager user IDs,

or they might alter Safeguard settings so that group managers are required to know a

user

’s password to use that ID.

To determine whether you have a group manager, you must first know your

administrative group number. If you do not know it, enter a USERS command (without

parameters). Your user ID appears under the heading I.D. #.

For example, if your user name were SALES.ROBIN, you would enter the USERS

command to get the following display. The display shows you to be member 36 of

SALES group 147.

2> USERS

GROUP . USER I.D. # SECURITY DEFAULT VOLUMEID



SALES .ROBIN 147,036 OOOO $SALES.ROBIN