XYGATE Access Control Reference Manual

Appendix C: The ACACL File
XYPRO Technology Corporation, Proprietary and Confidential
NULLNULLSTOP !When the logoff happens, stop.
!Ensure that anyone using this command re-enters the user's
!password for userid validation.
VERIFYUSER $EVERYONE
!Replace the word that follows a PASSWORD command or subcommand
!with 8 pound signs in the audit.
BLANKPASSWORD
!If V or VOLUME is used to change volume, change XYGATE/AC's obey
!file default too.
TRACKVOLUME
FC !Use simple FC
!FC is valid at commands that end with this prompt.
FCPROMPT "> "
OPENSBYOBJECTS \*.$*.*.* !Allow any subordinate program to start.
COMMAND TACL-DYNAMIC-IP
!This command is designed to be used with a TELNET service.
!To alter the existing TACL service, use the command:
! ASSUME PROCESS $ZTNP2 (replace with the name of your TELNET service)
! ALTER SERVICE TACL,PROG $VIK.XAC575.XYGATEAC,
! PARAM "TACL-DYNAMIC-IP"
!
!To create a new service, use the command:
! ADD SERVICE AUD-TACL (or whatever you want it to be named at TELNET)
! PROG $VIK.XAC575.XYGATEAC,TYPE CONV,SUBTYPE DYNAMIC,
! ACCESS ALL,PARAM "TACL-DYNAMIC-IP",DISPLAY ON
DESCRIPTION "Keystroke audited TACL"
USER 255,255
ACL $EVERYONE
OBJECT $SYSTEM.SYSNN.TACL !TACL is the program
START_LOGGED_OFF !user must enter userid/alias/password
!Extend the ALIAS to all subordinate programs
ALIAS_ALL_PROCESSES
ALIAS "O " ">OBEY "
ALIAS "OBEY " ">OBEY "
ALIAS "O$" ">OBEY $"
ALIAS "O\" ">OBEY \"
NULLNULLSTOP
!If you get a HANGUP command for the application, then stop
EXECUTEHANGUP
!After 10 seconds of no communications line activity, wait for 2.5
!seconds for recovery. If no recovery, stop.
CHECKCONNECTION 1000 250
!If one of these errors occurs, terminate the session.
STOPONERROR 60,66,140,190,191
DONOTSTOP $*.*.PATHTCP2
BLANKPASSWORD
TRACKVOLUME
TRACKUSERID
FC
FCPROMPT "> "
OPENSBYOBJECTS \*.$*.*.*
TIMEOUT 1800
COMMAND TACL-255-WITH-REASON-LOG
!This command starts a TACL as SUPER.SUPER after the user
!has entered a reason for using this privileged session.
DESCRIPTION "SUPER TACL with Reason"
USER 255,255
OBJECT $SYSTEM.SYSNN.TACL
USER_SWITCH PRIVLOGON !Manage filesharing groups