Manualshelf

XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
271272273274275276277278279280
XYGATE
®
User Authentication
Reference Manual
Appendix B: The UAACL File
XYPRO Technology Corporation 249 Proprietary and Confidential
UAGROUP ALLOW-CONSOLE-LOGON
PORT 10.1.1.17 $*.#* !SPECIFY THE RIGHT CONSOLE
! look for the TELSERV process dedicated to the console
PASSWORD_REQUIRED ON
RESULT_GRANTED
!Selection Criteria:
FROM_USER $EVERYONE
TO_USER XYPRO.TERRI
UAGROUP ALLOW-FTP-LOGON
DESCRIPTION "These users can logon to FTP"
PASSWORD_REQUIRED ON
RESULT_GRANTED
!Selection Criteria:
FROM_USER $EVERYONE
TO_USER $OK2FTP
REQUESTOR $SYSTEM.ZTCPIP.FTPSERV !default location
UAGROUP DENY-FTP-LOGON
DESCRIPTION "No one else can logon to FTP"
RESULT_DENIED
!Selection Criteria:
FROM_USER $EVERYONE
TO_USER $EVERYONE
REQUESTOR $SYSTEM.ZTCPIP.FTPSERV !CHECK IF REALLY THERE
! -------------------------------------------------------------------
!The following groups control the requesting program's behavior
!rather than authorizing user logons
! These groups only required if SFG global PASSWORD-REQUIRED = ON
! and running XHE, Direct Connect, or SSH
UAGROUP XYGATEHE
IGNORE_PASSWORD_REQUIRED ON !Ignore requesting program's PW request
PASSWORD_REQUIRED OFF !Override SFG global = PW-REQ set to ON
RESULT_GRANTED
!Selection Criteria:
FROM_USER $EVERYONE
TO_USER $EVERYONE
REQUESTOR $SYSTEM.XYGATEHE.XYGATEHE
!UAGROUP DIRECT-CONNECT
!IGNORE_PASSWORD_REQUIRED ON !Ignore requesting program's PW request
!PASSWORD_REQUIRED OFF !Override SFG global = PW-REQ set to ON
!RESULT_GRANTED
!!Selection Criteria:
!FROM_USER $EVERYONE
!TO_USER $EVERYONE
!REQUESTOR $<DIRECT CONNECT OBJECT>
! This group is required only when running SSH with Sfg global
! Password-Required ON
UAGROUP XYGATESH-LOGDOWN-ALLOWED
DESCRIPTION "Allows aliases to use ssh with SFG pass-req ON"
PASSWORD_REQUIRED OFF !Override SFG global = PW-REQ set to ON
!Selection Criteria:
FROM_USER $EVERYONE
TO_USER $EVERYONE
REQUESTOR /usr/local/sbin/sshd