Manualshelf

XYGATE Access Control Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
61626364656667686970
XYGATE
®
Access Control Reference Manual
Chapter 2. Configuring XAC
XYPRO Technology Corporation 37 Proprietary and Confidential
2.7 Configuring XAC Userids and Aliases
All XYGATE modules use standard Guardian userids and Safeguard aliases. No
XYGATE module requires that you create a new user database.
XAC allows you to enter userids as either user names or user numbers, but the two
are treated somewhat differently according to the following:
If a user number is entered, XAC will not check for the presence of the userid on
that node.
If userids are entered as user names, XAC will check for the presence of that user
name on the node where they are running. If the user name does not exist, XAC
generates a syntax error. Any rule (that is, XAC Command) that includes that
userid, either specifically or within an ACLGROUP, will be ignored. Use the
XAC_EDIT_ACL macro to see any syntax warnings or errors before you attempt to
put the file into production. For XYGATEAC refer to Appendix E12:
XAC_EDIT_ACL” on page 262 for more information. XYPRO Technology strongly
recommends that you always use this macro when updating the ACACL file.
Note: If you do not have the same userids on every node relevant to a particular
XAC command or a particular OSGROUP, for example, then you should
always enter users as user numbers.
Aliases are always treated as user names, so aliases must always exist on the node
where the product is running.
Use comments to include the user names if you wish:
ACLGROUP $BASE24 \*.30,* !\*.B24.*
NETUNDERLYING:\*.30,255 !\*.B24.MGR
\*.255,30 !\*.SUPER.B24
alias:"\*.b24-kim" ! Kim’s alias to SUPER.B24
Use the Node-Conditional syntax to include the correct userids and aliases for a given
node. Refer to Chapter 3, “Node-Conditional Processing in the ACACL Filefor more
information.
2.7.1 Userids
Users are specified as follows:
Syntax:
[\Node.]<Group Name>.<User Name> or [\Node.]<Group Number>,<User Number>
You can enter userids as user names or user numbers. Remember that if you enter a
user name, XAC will check for the userid’s existence on the node where it is running.