Compaq ACMS for OpenVMS
Managing Applications


Previous Contents Index


SHOW Command (UDU>)

Displays UDU definitions.

Format

SHOW user-name

Command Qualifier Default
/BRIEF Full definition


Privileges Required

None

Parameters

user-name

The OpenVMS user name of the definition you are displaying. Use the wildcard character (*), $ALL, or DEFAULT as the user name. Use the wildcard character to represent a partial user name.

Qualifiers

/BRIEF

Displays only the user names in definitions. The default is to display full definitions.

Notes

To display all definitions, use the wildcard character (*) as the parameter.

Examples

#1

UDU> SHOW *
User Spec:      *
User Name:      DEFAULT            DISPLAY MENU       
Default Menu:
Default MDB:    ACMS$DIRECTORY:ACMS.MDB
Initial Task:
  Application:
  Task:
  Selection:
Final Task:
  Application:
  Task:
  Selection:
 
Language:
Printfile:
 
 
User Name:      $ALL                DISPLAY MENU
Default Menu:
Default MDB:    ACMS$DIRECTORY:ACMS.MDB
Initial Task:
  Application:
  Task:
  Selection:
Final Task:
  Application:
  Task:
  Selection:
 
Language:
Printfile:
 
      

The SHOW command with the wildcard character (*) displays all definitions in the user authorization file (ACMSUDF.DAT).

#2

UDU> SHOW * /BRIEF
User Spec:   * 
User Name:   $ALL        
User Name:   DEFAULT     
User Name:   CONNOR 
 
User Name:   WINSTON
 
      

The SHOW/BRIEF command with the wildcard character (*) displays all user names in UDU definitions.

#3

UDU> SHOW CONNOR
User Name:      CONNOR             DISPLAY MENU
Default Menu:   EMPLOYEE
Default MDB:    ACMS$DIRECTORY:ACMS.MDB
Initial Task:                      IGNORE ERROR
  Application:  EMP_ACCT
  Task:         REGISTERY
  Selection:    LOG_IN.DAT
Final Task:                        IGNORE ERROR
  Application:  EMP_ACCT
  Task:         DAILY_LOG
  Selection:    DAYS_WORK.DAT
 
Language:       ENGLISH
Printfile:      SPOOLDEV::TXA0:
 
      

The SHOW command displays the definition for CONNOR.


SHOW /PROXY Command (UDU>)

Displays one or more proxies in the ACMS proxy file (ACMSPROXY.DAT).

Format

SHOW /PROXY remote-node::remote-user


Parameters

remote-node

Specifies a remote node name (1 to 6 alphanumeric characters).

remote-user

Specifies the user name of a user at a remote node. A valid user name is a string of 1 to 12 alphanumeric characters and can contain underscores and dollar signs.

Notes

The SHOW /PROXY command interprets the asterisk as a wildcard character. To display the proxy access for all users in the proxy file, specify either a single asterisk (*) or *::* for <remote-node>::<remote-user>. If you use an asterisk for <remote-node>, all user proxies that match the <remote-user> specification are displayed. If you use an asterisk for <remote-user>, all proxies for users on the specified <remote-node> are displayed.

You can also use the wildcard character with the SHOW /PROXY command to represent a partial user proxy. You can use the asterisk as a prefix (for example, *FORD), as a suffix (for example, BICK*), or as both (for example, *CKFOR*).


Examples

#1

UDU> SHOW /PROXY *::*
Remote User: *::BICKFORD                 Local User: BICKFORD 
Remote User: COMET::BICKFORD             Local User: SUPERVISOR 
Remote User: COMET::BROWN                Local User: BROWN 
Remote User: COMET::PERSONNEL            Local User: PERS_USER 
Remote User: BRICK::*                    Local User: RENTAL_AGENT  
      

This command displays all proxies in the ACMS proxy file. Note that the command SHOW /PROXY * displays the same output.

#2

UDU> SHOW /PROXY COMET::PERSONNEL
Remote User: COMET::PERSONNEL            Local User: PERS_USER
      

This command displays a single proxy.

#3

UDU> SHOW /PROXY *::BICKFORD
Remote User: *::BICKFORD                 Local User: BICKFORD 
Remote User: COMET::BICKFORD             Local User: BICKFORD
      

This command displays proxies using a wildcard for the remote node.

#4

UDU> SHOW /PROXY COMET::*
Remote User: COMET::BICKFORD             Local User: SUPERVISOR 
Remote User: COMET::BROWN                Local User: BROWN 
Remote User: COMET::PERSONNEL            Local User: PERS_USER 
      

This command displays proxies using a wildcard for the remote user.

#5

UDU> SHOW /PROXY COMET::B*
Remote User: COMET::BICKFORD             Local User: SUPERVISOR 
Remote User: COMET::BROWN                Local User: BROWN
      

This command displays proxies using partial wildcarding for the remote user.


Chapter 19
AAU Commands

This chapter contains reference information and examples for the ACMS Application Authorization Utility (AAU) commands. See Chapter 4 for general information on AAU.


ADD Command (AAU>)

Authorizes one or more application names for installation in ACMS$DIRECTORY.

Format

ADD application-name

Command Qualifiers Default
/ACL=(access-control-list[,...]) From DEFAULT definition
/APPL_USERNAME=user-name From DEFAULT definition
/[NO]DYNAMIC_USERNAMES From DEFAULT definition
/SRV_USERNAMES[=(server-user-name[,...])] From DEFAULT definition
/[NO]WILD_SUFFIX From DEFAULT definition


Privileges Required

None

Parameters

application-name

The name of the application you want to authorize. The name can be $ALL or a valid RMS file name of up to 39 characters.

Qualifiers

/ACL=(access-control-list[,...])

The /ACL qualifier authorizes a user to install an application database file in ACMS$DIRECTORY. When a user enters the ACMS/INSTALL command, ACMS checks the AAU authorization to confirm that the Access Control List (ACL) entries used with the /ACL qualifier include that user name. If the user is not authorized, the ACMS/INSTALL command does not install the application.

The Access Control List identifies who can and who cannot install an application. The access control entries for the AAU follow the same format used for OpenVMS except for these restrictions:

With these restrictions in mind, the general format for specifying an Access Control List is as follows:

/ACL=((IDENTIFIER=identifier[...][,ACCESS=access-action])[,...])

For example:


AAU> ADD PERSONNEL EMPLOYEE /ACL=(IDENTIFIER=[PAYUP,JONES], -
_AAU> ACCESS=CONTROL)

Each time you specify an identifier and optionally an access action code, you describe one access control entry. You can, however, specify a string of access control entries, separated by commas, as indicated by the ellipsis [,...]. Together, access control entries constitute the Access Control List for a particular application.

Refer to OpenVMS DCL Dictionary for more information about Access Control Lists and entries.

/APPL_USERNAME=user-name

Identifies the user name of an application. The ACMS/INSTALL command does not install the application database file in ACMS$DIRECTORY unless the application user name in the application matches the one you specify with the /APPL_USERNAME qualifier. If you specify the wildcard character (*) instead of a user name, the wildcard user name automatically matches any user name specified in the application the user tries to install.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /APPL_USERNAME=* when the ACMSAAF.DAT file is first created.

/[NO]DYNAMIC_USERNAMES

Allows a user to install an application database file if the setting you assign with the /[NO]DYNAMIC_USERNAMES qualifier matches that in the application. For example, if you do not want an application installed that allows servers to use dynamic user names or "USERNAME OF SUBMITTER", use the /NODYNAMIC_USERNAMES qualifier. If you want an application installed that allows servers to use dynamic user names, use the /DYNAMIC_USERNAMES qualifier.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns /NODYNAMIC_USERNAMES as the default setting when the ACMSAAF.DAT file is first created.

/SRV_USERNAMES[=(server-user-name[,...])]

Specifies one or more server user names that are associated with the application you are authorizing. The ACMS/INSTALL command installs an application if the server user names that you specify with the /SRV_USERNAMES qualifier match those in the application database file. If you specify the wildcard character (*) for a server user name, the wildcard user name automatically matches all server user names specified in the application.

If you do not want to authorize any server user names, include the /SRV_USERNAMES qualifier without any specifiers. For example:


AAU> ADD INVESTMENT /SRV_USERNAMES

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /SRV_USERNAMES=* when the ACMSAAF.DAT file is first created.

/[NO]WILD_SUFFIX

Allows a user to install or prevents a user from installing any application whose name begins with the letters of the application name you are authorizing. For example, the following command allows the user with UIC [PERSONNEL,RICHARD] to install any application name that starts with the letters INVAPPL:


AAU> ADD INVAPPL /ACL=(IDENTIFIER=[PERSONNEL,RICHARD], -
_AAU> ACCESS=CONTROL) /WILD_SUFFIX

Once this command is in effect, user [PERSONNEL,RICHARD] can install applications with names such as INVAPPL, INVAPPL1, and INVAPPL2.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /NOWILD_SUFFIX when the ACMSAAF.DAT file is first created.


Notes

To create an authorization for a single application, use the RMS name of that application as the application name. To create an authorization for all applications, use the keyword $ALL as the application name.

AAU then stores the authorizations you create in the ACMSAAF.DAT file in your default directory. When a user enters the ACMS/INSTALL operator command to install an application database file, however, ACMS looks for the ACMSAAF.DAT file in SYS$SYSTEM. If you choose to locate ACMSAAF.DAT in a directory other than SYS$SYSTEM, you must define an EXEC mode logical, ACMSAAF, to point to that directory.


Examples

#1

AAU> ADD PERSONNEL
      

This command authorizes the application named PERSONNEL to be installed in ACMS$DIRECTORY. Because the command has no qualifiers, the new authorization receives information from the DEFAULT authorization.

#2

AAU> ADD $ALL
      

This command creates a $ALL authorization that lets any authorized user install any application. The $ALL authorization receives from the DEFAULT authorization any information you do not include with qualifiers.

#3

AAU> ADD EMPLOYEE /APPL_USERNAME=GORDON
      

This command authorizes the application named EMPLOYEE and includes the application user name GORDON. The application database file for EMPLOYEE cannot be installed unless it has the application user name of GORDON. The rest of the information for the authorization comes from the DEFAULT authorization.


COPY Command (AAU>)

Makes a copy of an existing authorization.

Format

COPY source-application-name new-application-name

Command Qualifiers Default
/ACL=(access-control-list[,...]) From source authorization
/APPL_USERNAME=user-name From source authorization
/[NO]DYNAMIC_USERNAMES From source authorization
/SRV_USERNAMES[=(server-user-name[,...])] From source authorization
/[NO]WILD_SUFFIX From source authorization


Privileges Required

None

Parameters

source-application-name

The name of the application whose authorization you want to copy. It can be a valid file name of up to 39 characters, $ALL, or DEFAULT.

new-application-name

The application name you give to the new version of the source authorization. It can be a valid RMS file name or $ALL.

Qualifiers

/ACL=(access-control-list[,...])

The /ACL qualifier authorizes a user to install an application database file in ACMS$DIRECTORY. The Access Control List identifies who can and who cannot install an application. See the description of the /ACL qualifier under the ADD command for more information about the /ACL qualifier and rules for specifying Access Control Lists.

/APPL_USERNAME=user-name

Identifies the user name of an application. The ACMS/INSTALL command does not install the application database file in ACMS$DIRECTORY unless the application user name in the application database file matches the one you specify with the /APPL_USERNAME qualifier. If you specify the wildcard character (*) instead of a user name, the wildcard user name automatically matches any user name specified in the application that a user tries to install.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /APPL_USERNAME=* when the ACMSAAF.DAT file is first created.

/[NO]DYNAMIC_USERNAMES

Allows a user to install an application database file if the setting you assign with the /[NO]DYNAMIC_USERNAMES qualifier matches that in the application. For example, if you do not want an application installed that allows servers to use dynamic user names or "USERNAME OF SUBMITTER", use the /NODYNAMIC_USERNAMES qualifier. If you want an application installed that allows servers to use dynamic user names, use the /DYNAMIC_USERNAMES qualifier.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns /NODYNAMIC_USERNAMES as the default setting when the ACMSAAF.DAT file is first created.

/SRV_USERNAMES[=(server-user-name[,...])]

Specifies one or more server user names that are associated with the application you are authorizing. The ACMS/INSTALL command installs an application if the server user names that you specify with the /SRV_USERNAMES qualifier match those in the application database file. If you specify the wildcard character (*) for a server user name, the wildcard user name automatically matches all server user names specified in the application.

If you do not want to authorize any server user names, include the /SRV_USERNAMES qualifier without any specifiers. For example:


AAU> COPY INVESTMENT /SRV_USERNAMES

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /SRV_USERNAMES=* when the ACMSAAF.DAT file is first created.

/[NO]WILD_SUFFIX

Allows a user to install or prevents a user from installing any application whose name begins with the letters of the application name you are authorizing. For example, the following command allows the user with UIC [PERSONNEL,RICHARD] to copy any application name that starts with the letters INVAPPL:


AAU> COPY INVAPPL /ACL=(IDENTIFIER=[PERSONNEL,RICHARD], -
_AAU> ACCESS=CONTROL)/WILD_SUFFIX

Once this command is in effect, user [PERSONNEL,RICHARD] can install applications with names such as INVAPPL, INVAPPL1, and INVAPPL2.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /NOWILD_SUFFIX when the ACMSAAF.DAT file is first created.


Notes

None

Examples

#1

AAU> COPY PERSONNEL EMPLOYEE
      

This command creates the EMPLOYEE authorization, copying all information from the PERSONNEL authorization.

#2

AAU> COPY PERSONNEL EMPLOYEE /SRV_USERNAMES=EMPLOYEE_SRV
      

This command creates the EMPLOYEE authorization, copying information from the PERSONNEL authorization. The /SRV_USERNAMES qualifier assigns the EMPLOYEE_SRV server user name to the EMPLOYEE application authorization.

#3

AAU> COPY PERSONNEL EMPLOYEE /APPL_USERNAME=ACCOUNT
      

This command creates a new authorization with the name EMPLOYEE, copying information from the authorization for PERSONNEL. The /APPL_USERNAME qualifier overrides the application user name from the source authorization, so the authorization for EMPLOYEE receives an application user name of ACCOUNT.

#4

AAU> COPY PERSONNEL EMPLOYEE-
AAU>_ /ACL=(IDENTIFIER=[PAYUP,JONES], ACCESS=CONTROL)
      

This command makes a copy of the PERSONNEL authorization and names it EMPLOYEE. The /ACL qualifier gives the new EMPLOYEE authorization a new access control entry.


DEFAULT Command (AAU>)

Changes information in the DEFAULT authorization.

Format

DEFAULT

Command Qualifiers Default
/ACL=(access-control-list[,...]) From existing authorization
/APPL_USERNAME=user-name From existing authorization
/[NO]DYNAMIC_USERNAMES From existing authorization
/SRV_USERNAMES[=(server-user-name[,...])] From existing authorization
/[NO]WILD_SUFFIX From existing authorization


Privileges Required

None

Qualifiers

/ACL=(access-control-list[,...])

The /ACL qualifier authorizes a user to install an application database file in ACMS$DIRECTORY. The Access Control List identifies who can and who cannot install an application. See the description of the /ACL qualifier under the ADD command for more information about the /ACL qualifier and rules for specifying Access Control Lists.

/APPL_USERNAME=user-name

Identifies the default user name of an application in the application authorization file. The ACMS/INSTALL command does not install the application database file in ACMS$DIRECTORY unless the application user name in the application database file matches the one you specify with the /APPL_USERNAME qualifier, either in the default definition, or through the AAU ADD or other commands.. If you specify the wildcard character (*) instead of a user name, the wildcard user name automatically matches any user name specified in the application that a user tries to install.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /APPL_USERNAME=* when the ACMSAAF.DAT file is first created.

/[NO]DYNAMIC_USERNAMES

Allows a user to install an application database file if the setting you assign with the /[NO]DYNAMIC_USERNAMES qualifier matches the setting in the application. For example, if you do not want an application installed that allows servers to use dynamic user names or "USERNAME OF SUBMITTER", use the /NODYNAMIC_USERNAMES qualifier. If you want an application installed that allows servers to use dynamic user names, use the /DYNAMIC_USERNAMES qualifier.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns /NODYNAMIC_USERNAMES as the default setting when the ACMSAAF.DAT file is first created.

/SRV_USERNAMES[=(server-user-name[,...])]

Specifies one or more server user names that are associated with the default application authorization. The ACMS/INSTALL command installs an application using the default server user names unless otherwise specified in the specific application authorization with the /SRV_USERNAMES. The server names specified, whether by default or not, must match those in the application database file. If you specify the wildcard character (*) for a server user name, the wildcard user name automatically matches all server user names specified in the application.

If you do not want to authorize any default server user names, include the /SRV_USERNAMES qualifier without any specifiers. For example:


AAU> DEFAULT/SRV_USERNAMES

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /SRV_USERNAMES=* when the ACMSAAF.DAT file is first created.

/[NO]WILD_SUFFIX

Sets the wildcard attribute for the default authorization record. The /[NO]WILD_SUFFIX allows a user to install or prevents a user from installing any application whose name begins with the letters of the application name you are authorizing. For example, the following command allows the user with UIC [PERSONNEL,RICHARD] to install by default any application with wildcards, unless otherwise specified by particular application authorizations.


AAU> DEFAULT/ACL=(IDENTIFIER=[PERSONNEL,RICHARD], -
_AAU> ACCESS=CONTROL)WILD_SUFFIX

Once this command is in effect, user [PERSONNEL,RICHARD] can install applications with names such as INVAPPL, INVAPPL1, and INVAPPL2.

By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /NOWILD_SUFFIX when the ACMSAAF.DAT file is first created.


Notes

The ADD command is the only command affected by the DEFAULT authorization. When you use the ADD command to create a new authorization, the new authorization takes the default information assigned in the DEFAULT authorization. Use qualifiers with the ADD command to override information from the DEFAULT authorization.

When you use the DEFAULT command, you do not need to include DEFAULT as the application name.

AAU creates the ACMSAAF.DAT file and a DEFAULT authorization when you first run AAU.

If you omit one or more qualifiers from the DEFAULT command, the new DEFAULT authorization retains the information that already exists.

Both the DEFAULT and the MODIFY commands let you modify the DEFAULT authorization. The DEFAULT command, however, lets you change the DEFAULT authorization only. The MODIFY command serves a more general use and lets you modify any authorization in the ACMSAAF.DAT database file.

The changes made with the DEFAULT command remain in effect until you modify the DEFAULT authorization again. The original settings assigned to the DEFAULT authorization are not restored at the end of the AAU session.


Examples

#1

AAU> DEFAULT /APPL_USERNAME=EMPLOYEE /WILD_SUFFIX
      

This DEFAULT command assigns the application user name EMPLOYEE and the wildcard characteristic to the DEFAULT authorization. Any time you add an authorization and do not specify either of these characteristics, the ADD command includes the application user name and the wildcard characteristics you have assigned in this DEFAULT authorization to the new authorization.

#2

AAU> DEFAULT/ACL=(IDENTIFIER=[PAYUP,*], ACCESS=CONTROL)
      


Previous Next Contents Index