|
|
Updated:
11 December 1998
|
OpenVMS System Management Utilities Reference
Manual
By default, a user has full access every day. See the DCL command SET
DAY in the OpenVMS DCL Dictionary for information about overriding the defaults
for primary and secondary day types.
All the list elements are optional. Unless you specify hours for a day
type, access is permitted for the entire day. By specifying an access
time, you prevent access at all other times. Adding NO to the qualifier
denies the user access to the system for the specified period of time.
See the following examples.
/ACCESS
|
Allows unrestricted access
|
/NOACCESS=SECONDARY
|
Allows access on primary days only
|
/ACCESS=(9-17)
|
Allows access from 9 A.M. to 5:59 P.M. on all days
|
/NOACCESS=(PRIMARY, 9-17, SECONDARY, 18-8)
|
Disallows access between 9 A.M. to 5:59 P.M. on primary days but allows
access during these hours on secondary days
|
To specify access hours for specific types of access, see the /BATCH,
/DIALUP, /INTERACTIVE, /LOCAL, /NETWORK, and /REMOTE qualifiers.
/ACCOUNT=account-name
Specifies the default name for the account (for example, a billing name or number). The name can be a string of 1 to 8 alphanumeric characters. By default, AUTHORIZE does not assign an account name.
/ADD_IDENTIFIER (default)
/NOADD_IDENTIFIER
Adds a user (user name and account name) to the rights database. The /NOADD_IDENTIFIER does not create a rights list identifier (user name and account name).
/ALGORITHM=keyword=type [=value]
Sets the password encryption algorithm for a user. The keyword VMS
refers to the algorithm used in the operating system version that is
running on your system, whereas a customer algorithm is one that is
added through the $HASH_PASSWORD system service by a customer site, by
a layered product, or by a third party. The customer algorithm is
identified in $HASH_PASSWORD by an integer in the range of 128 to 255.
It must correspond with the number used in the AUTHORIZE command
MODIFY/ALGORITHM. By default, passwords are encrypted with the VMS
algorithm for the current version of the operating system.
Keyword |
Function |
BOTH
|
Set the algorithm for primary and secondary passwords.
|
CURRENT
|
Set the algorithm for the primary, secondary, both, or no passwords,
depending on account status. CURRENT is the default value.
|
PRIMARY
|
Set the algorithm for the primary password only.
|
SECONDARY
|
Set the algorithm for the secondary password only.
|
The following table lists password encryption algorithms:
Type |
Definition |
VMS
|
The algorithm used in the version of the operating system that is
running on your system.
|
CUSTOMER
|
A numeric value in the range of 128 to 255 that identifies a customer
algorithm.
|
The following example selects the VMS algorithm for Sontag's primary
password:
UAF> MODIFY SONTAG/ALGORITHM=PRIMARY=VMS
|
If you select a site-specific algorithm, you must give a value to
identify the algorithm, as follows:
UAF> MODIFY SONTAG/ALGORITHM=CURRENT=CUSTOMER=128
|
/ASTLM=value
Specifies the AST queue limit, which is the total number of
asynchronous system trap (AST) operations and scheduled wake-up
requests that the user can have queued at one time. The default is 40
on VAX systems and 250 on Alpha systems.
/BATCH[=(range[,...])]
Specifies the hours of access permitted for batch jobs. For a
description of the range specification, see the /ACCESS qualifier. By
default, a user can submit batch jobs any time.
/BIOLM=value
Specifies a buffered I/O count limit for the BIOLM field of the UAF
record. The buffered I/O count limit is the maximum number of buffered
I/O operations, such as terminal I/O, that can be outstanding at one
time. The default is 40 on VAX systems and 150 on Alpha systems.
/BYTLM=value
Specifies the buffered I/O byte limit for the BYTLM field of the UAF
record. The buffered I/O byte limit is the maximum number of bytes of
nonpaged system dynamic memory that a user's job can consume at one
time. Nonpaged dynamic memory is used for operations such as I/O
buffering, mailboxes, and file-access windows. The default is 32768 on
VAX systems and 64000 on Alpha systems.
/CLI=cli-name
Specifies the name of the default command language interpreter (CLI)
for the CLI field of the UAF record. The cli-name is a string
of 1 to 31 alphanumeric characters and should be either DCL or MCR. The
default is DCL. This setting is ignored for network jobs.
/CLITABLES=filespec
Specifies user-defined CLI tables for the account. The
filespec can contain 1 to 31 characters. The default is
SYS$LIBRARY:DCLTABLES. Note that this setting is ignored for network
jobs to guarantee that the system-supplied command procedures used to
implement network objects function properly.
/CPUTIME=time
Specifies the maximum process CPU time for the CPU field of the UAF
record. The maximum process CPU time is the maximum amount of CPU time
a user's process can take per session. You must specify a delta time
value. For a discussion of delta time values, refer to the
OpenVMS User's Manual. The default is 0, which means an infinite amount of time.
/DEFPRIVILEGES=([NO]privname[,...])
Specifies default privileges for the user; that is, those enabled at
login time. A NO prefix removes a privilege from the user. By
specifying the keyword [NO]ALL with the /DEFPRIVILEGES qualifier, you
can disable or enable all user privileges. The default privileges are
TMPMBX and NETMBX. Privname is the name of the privilege.
/DEVICE=device-name
Specifies the name of the user's default device at login. The
device-name is a string of 1 to 31 alphanumeric characters. If
you omit the colon from the device-name value, AUTHORIZE
appends a colon. The default device is SYS$SYSDISK.
If you specify a logical name as the device-name (for example,
DISK1: for DUA1:), you must make an entry for the logical name in the
LNM$SYSTEM_TABLE in executive mode by using the DCL command
DEFINE/SYSTEM/EXEC.
/DIALUP[=(range[,...])]
Specifies hours of access permitted for dialup logins. For a
description of the range specification, see the /ACCESS qualifier. The
default is full access.
/DIOLM=value
Specifies the direct I/O count limit for the DIOLM field of the UAF
record. The direct I/O count limit is the maximum number of direct I/O
operations (usually disk) that can be outstanding at one time. The
default is 40 on VAX systems and 150 on Alpha systems.
/DIRECTORY=directory-name
Specifies the default directory name for the DIRECTORY field of the UAF
record. The directory-name can be 1 to 39 alphanumeric
characters. If you do not enclose the directory name in brackets,
AUTHORIZE adds the brackets for you. The default directory name is
[USER].
/ENQLM=value
Specifies the lock queue limit for the ENQLM field of the UAF record.
The lock queue limit is the maximum number of locks that can be queued
by the user at one time. The default is 200 on VAX systems and 2000 on
Alpha systems.
/EXPIRATION=time (default)
/NOEXPIRATION
Specifies the expiration date and time of the account. The
/NOEXPIRATION qualifier removes the expiration date on the account or
resets the expiration time for expired accounts. The default expiration
time period is 90 days for nonprivileged users.
/FILLM=value
Specifies the open file limit for the FILLM field of the UAF record.
The open file limit is the maximum number of files that can be open at
one time, including active network logical links. The default is 300 on
VAX systems and 100 on Alpha systems.
/FLAGS=([NO]option[,...])
Specifies login flags for the user. The prefix NO clears the flag. The
options are as follows:
AUDIT
|
Enables or disables mandatory security auditing for a specific user. By
default, the system does not audit the activities of specific users
(NOAUDIT).
|
AUTOLOGIN
|
Restricts the user to the automatic login mechanism when logging in to
an account. When set, the flag disables login by any terminal that
requires entry of a user name and password. The default is to require a
user name and password (NOAUTOLOGIN).
|
CAPTIVE
|
Prevents the user from changing any defaults at login, for example,
/CLI or /LGICMD. It prevents the user from escaping the captive login
command procedure specified by the /LGICMD qualifier and gaining access
to the DCL command level. Refer to "Guidelines for Captive Command
Procedures" in the OpenVMS Guide to System Security.
The CAPTIVE flag also establishes an environment where Ctrl/Y
interrupts are initially turned off; however, command procedures can
still turn on Ctrl/Y interrupts with the DCL command SET CONTROL=Y. By
default, an account is not captive (NOCAPTIVE).
|
DEFCLI
|
Restricts the user to the default command interpreter by prohibiting
the use of the /CLI qualifier at login; the MCR command can still be
used. By default, a user can choose a CLI (NODEFCLI).
|
DISCTLY
|
Establishes an environment where Ctrl/Y interrupts are initially turned
off and are invalid until a SET CONTROL=Y is encountered. This could
happen in SYLOGIN.COM or in a procedure called by SYLOGIN.COM. Once a
SET CONTROL=Y is executed (which requires no privilege), a user can
enter a Ctrl/Y and reach the DCL prompt ($). If the intent of DISCTLY
is to force execution of the login command files, then SYLOGIN.COM
should issue the DCL command SET CONTROL=Y to turn on Ctrl/Y interrupts
before exiting. By default, Ctrl/Y is enabled (NODISCTLY).
|
DISFORCE_PWD_CHANGE
|
Removes the requirement that a user must change an expired password at
login. By default, a person can use an expired password only once
(NODISFORCE_PWD_CHANGE) and then is forced to change the password after
logging in. If the user does not select a new password, the user is
locked out of the system.
To use this feature, set a password expiration date with the
/PWDLIFETIME qualifier.
|
DISIMAGE
|
Prevents the user from executing RUN, MCR, and foreign commands. By
default, a user can execute RUN, MCR, and foreign commands (NODISIMAGE).
|
DISMAIL
|
Disables mail delivery to the user. By default, mail delivery is
enabled (NODISMAIL).
|
DISNEWMAIL
|
Suppresses announcements of new mail at login. By default, the system
announces new mail (NODISNEWMAIL).
|
DISPWDDIC
|
Disables automatic screening of new passwords against a system
dictionary. By default, passwords are automatically screened
(NODISPWDDIC).
|
DISPWDHIS
|
Disables automatic checking of new passwords against a list of the
user's old passwords. By default, the system screens new passwords
(NODISPWDHIS).
|
DISRECONNECT
|
Disables automatic reconnection to an existing process when a terminal
connection has been interrupted. By default, automatic reconnection is
enabled (NODISRECONNECT).
|
DISREPORT
|
Suppresses reports of the last login time, login failures, and other
security reports. By default, login information is displayed
(NODISREPORT).
|
DISUSER
|
Disables the account so the user cannot log in. For example, the
DEFAULT account is disabled. By default, an account is enabled
(NODISUSER).
|
DISWELCOME
|
Suppresses the welcome message (an informational message displayed
during a local login). This message usually indicates the version
number of the operating system that is running and the name of the node
on which the user is logged in. By default, a system login message
appears (NODISWELCOME).
|
EXTAUTH
|
Considers user to be authenticated by an external user name and
password, not by the SYSUAF user name and password. (The system still
uses the SYSUAF record to check a user's login restrictions and quotas
and to create the user's process profile.)
|
GENPWD
|
Restricts the user to generated passwords. By default, users choose
their own passwords (NOGENPWD).
|
LOCKPWD
|
Prevents the user from changing the password for the account. By
default, users can change their passwords (NOLOCKPWD).
|
PWD_EXPIRED
|
Marks a password as expired. The user cannot log in if this flag is
set. The LOGINOUT.EXE image sets the flag when both of the following
conditions exist: a user logs in with the DISFORCE_PWD_CHANGE flag set,
and the user's password expires. A system manager can clear this flag.
By default, passwords are not expired after login (NOPWD_EXPIRED).
|
PWD2_EXPIRED
|
Marks a secondary password as expired. Users cannot log in if this flag
is set. The LOGINOUT.EXE image sets the flag when both of the following
conditions exist: a user logs in with the DISFORCE_PWD_CHANGE flag set,
and the user's password expires. A system manager can clear this flag.
By default, passwords are not set to expire after login
(NOPWD2_EXPIRED).
|
RESTRICTED
|
Prevents the user from changing any defaults at login (for example, by
specifying /LGICMD) and prohibits user specification of a CLI with the
/CLI qualifier. The RESTRICTED flag establishes an environment where
Ctrl/Y interrupts are initially turned off; however, command procedures
can still turn on Ctrl/Y interrupts with the DCL command SET CONTROL=Y.
Typically, this flag is used to prevent an applications user from
having unrestricted access to the CLI. By default, a user can change
defaults (NORESTRICTED).
|
/GENERATE_PASSWORD[=keyword]
/NOGENERATE_PASSWORD (default)
Invokes the password generator to create user passwords. Generated
passwords can consist of 1 to 10 characters. Specify one of the
following keywords:
BOTH
|
Generate primary and secondary passwords.
|
CURRENT
|
Do whatever the DEFAULT account does (for example, generate primary,
secondary, both, or no passwords). This is the default keyword.
|
PRIMARY
|
Generate primary password only.
|
SECONDARY
|
Generate secondary password only.
|
When you modify a password, the new password expires automatically; it
is valid only once (unless you specify /NOPWDEXPIRED). On login, users
are forced to change their passwords (unless you specify
/FLAGS=DISFORCE_PWD_CHANGE).
Note that the /GENERATE_PASSWORD and /PASSWORD qualifiers are mutually
exclusive.
/INTERACTIVE[ =(range[,...])]
/NOINTERACTIVE
Specifies the hours of access for interactive logins. For a description
of the range specification, see the /ACCESS qualifier. By default,
there are no access restrictions on interactive logins.
/JTQUOTA=value
Specifies the initial byte quota with which the jobwide logical name
table is to be created. By default, the value is 4096 on VAX systems
and 4096 on Alpha systems.
/LGICMD=filespec
Specifies the name of the default login command file. The file name
defaults to the device specified for /DEVICE, the directory specified
for /DIRECTORY, a file name of LOGIN, and a file type of .COM. If you
select the defaults for all these values, the file name is
SYS$SYSTEM:[USER]LOGIN.COM.
/LOCAL[=(range[,...])]
Specifies hours of access for interactive logins from local terminals.
For a description of the range specification, see the /ACCESS
qualifier. By default, there are no access restrictions on local logins.
/MAXACCTJOBS=value
Specifies the maximum number of batch, interactive, and detached
processes that can be active at one time for all users of the same
account. By default, a user has a maximum of 0, which represents an
unlimited number.
/MAXDETACH=value
Specifies the maximum number of detached processes with the cited user
name that can be active at one time. To prevent the user from creating
detached processes, specify the keyword NONE. By default, a user has a
value of 0, which represents an unlimited number.
/MAXJOBS=value
Specifies the maximum number of processes (interactive, batch,
detached, and network) with the cited user name that can be active
simultaneously. The first four network jobs are not counted. By
default, a user has a maximum value of 0, which represents an unlimited
number.
/NETWORK[=(range[,...])]
Specifies hours of access for network batch jobs. For a description of how to specify the range, see the /ACCESS qualifier. By default, network logins have no access restrictions.
/OWNER=owner-name
Specifies the name of the owner of the account. You can use this name for billing purposes or similar applications. The owner name is 1 to 31 characters. No default owner name exists.
/PASSWORD=(password1[,password2])
/NOPASSWORD
Specifies up to two passwords for login. Passwords can be from 0 to 32
characters in length and can include alphanumeric characters, dollar
signs, and underscores. Avoid using the word password as the
actual password. Use the /PASSWORD qualifier as follows:
- To set only the first password and clear the second, specify
/PASSWORD=password.
- To set both the first and second password, specify
/PASSWORD=(password1, password2).
- To change the first password without affecting the second, specify
/PASSWORD=(password, "").
- To change the second password without affecting the first, specify
/PASSWORD=("", password).
- To set both passwords to null, specify /NOPASSWORD.
When you modify a password, the new password expires automatically; it
is valid only once (unless you specify /NOPWDEXPIRED). On login, the
user is forced to change the password (unless you specify
/FLAGS=DISFORCE_PWD_CHANGE).
Note that the /GENERATE_PASSWORD and /PASSWORD qualifiers are mutually
exclusive.
By default, the ADD command assigns the password USER. When you create
a new UAF record with the COPY or RENAME command, you must specify a
password. Avoid using the word password as the actual password.
/PBYTLM
This flag is reserved for Compaq.
/PGFLQUOTA=value
Specifies the paging file limit. This is the maximum number of pages
that the person's process can use in the system paging file. By
default, the value is 32768 pages on VAX systems and 50000 pagelets on
Alpha systems.
If decompressing libraries, make sure to set PGFLQUOTA to twice the
size of the library.
/PRCLM=value
Specifies the subprocess creation limit. This is the maximum number of
subprocesses that can exist at one time for the specified user's
process. By default, the value is 2 on VAX systems and 8 on Alpha
systems.
/PRIMEDAYS=([NO]day[,...])
Defines the primary and secondary days of the week for logging in.
Specify the days as a list separated by commas, and enclose the list in
parentheses. To specify a secondary day, prefix the day with NO (for
example, NOFRIDAY). To specify a primary day, omit the NO prefix.
By default, primary days are Monday through Friday and secondary days
are Saturday and Sunday. If you omit a day from the list, AUTHORIZE
uses the default value. (For example, if you omit Monday from the list,
AUTHORIZE defines Monday as a primary day.)
Use the primary and secondary day definitions in conjunction with such
qualifiers as /ACCESS, /INTERACTIVE, and /BATCH.
/PRIORITY=value
Specifies the default base priority. The value is an integer in the
range of 0 to 31 on VAX systems and 0 to 63 on Alpha systems. By
default, the value is set to 4 for timesharing users.
/PRIVILEGES=([NO]privname[,...])
Specifies which privileges the user is authorized to hold, although
these privileges are not necessarily enabled at login. (The
/DEFPRIVILEGES qualifier determines which ones are enabled.) A NO
prefix removes the privilege from the user. The keyword NOALL disables
all user privileges. Many privileges have varying degrees of power and
potential system impact (see the OpenVMS Guide to System Security for a detailed
discussion). By default, a user holds TMPMBX and NETMBX privileges.
Privname is the name of the privilege.
/PWDEXPIRED (default)
/NOPWDEXPIRED
Specifies the password is valid for only one login. A user must change
a password immediately after login or be locked out of the system. The
system warns users of password expiration. A user can either specify a
new password, with the DCL command SET PASSWORD, or wait until
expiration and be forced to change. By default, a user must change a
password when first logging in to an account. The default is applied to
the account only when the password is being modified.
/PWDLIFETIME=time (default)
/NOPWDLIFETIME
Specifies the length of time a password is valid. Specify a delta time
value in the form [dddd-] [hh:mm:ss.cc]. For example, for a lifetime of
120 days, 0 hours, and 0 seconds, specify /PWDLIFETIME="120-". For a
lifetime of 120 days 12 hours, 30 minutes and 30 seconds, specify
/PWDLIFETIME="120-12:30:30". If a period longer than the specified time
elapses before the user logs in, the system displays a warning message.
The password is marked as expired.
To prevent a password from expiring, specify the time as NONE. By
default, a password expires in 90 days.
/PWDMINIMUM=value
Specifies the minimum password length in characters. Note that this
value is enforced only by the DCL command SET PASSWORD. It does not
prevent you from entering a password shorter than the minimum length
when you use AUTHORIZE to create or modify an account. By default, a
password must have at least 6 characters. The value specified by the
/PWDMINIMUM qualifier conflicts with the value used by the
/GENERATE_PASSWORD qualifier or the DCL command SET PASSWORD/GENERATE,
the operating system chooses the lesser value. The maximum value for
generated passwords is 10.
/QUEPRIO=value
Reserved for future use.
/REMOTE[=(range[,...])]
Specifies hours during which access is permitted for interactive logins
from network remote terminals (with the DCL command SET HOST). For a
description of the range specification, see the /ACCESS qualifier. By
default, remote logins have no access restrictions.
/SHRFILLM=value
Specifies the maximum number of shared files that the user can have
open at one time. By default, the system assigns a value of 0, which
represents an infinite number.
/TQELM
Specifies the total number of entries in the timer queue plus the
number of temporary common event flag clusters that the user can have
at one time. By default, a user can have 10.
/UIC=value
Specifies the user identification code (UIC). The UIC value is a group
number in the range from 1 to 37776 (octal) and a member number in the
range from 0 to 177776 (octal), which are separated by a comma and
enclosed in brackets. Compaq reserves group 1 and groups 300--377 for
its own use.
Each user must have a unique UIC. By default, the UIC value is
[200,200].
/WSDEFAULT=value
Specifies the default working set limit. This represents the initial
limit to the number of physical pages the process can use. (The user
can alter the default quantity up to WSQUOTA with the DCL command SET
WORKING_SET.) By default, a user has 256 pages on VAX systems and 2000
pagelets on Alpha systems.
The value cannot be greater than WSMAX. This quota value replaces
smaller values of PQL_MWSDEFAULT.
/WSEXTENT=value
Specifies the working set maximum. This represents the maximum amount
of physical memory allowed to the process. The system provides memory
to a process beyond its working set quota only when it has excess free
pages. The additional memory is recalled by the system if needed.
The value is an integer equal to or greater than WSQUOTA. By default,
the value is 1024 pages on VAX systems and 16384 pagelets on Alpha
systems. The value cannot be greater than WSMAX. This quota value
replaces smaller values of PQL_MWSEXTENT.
/WSQUOTA=value
Specifies the working set quota. This is the maximum amount of physical
memory a user process can lock into its working set. It also represents
the maximum amount of swap space that the system reserves for this
process and the maximum amount of physical memory that the system
allows the process to consume if the systemwide memory demand is
significant.
The value cannot be greater than the value of WSMAX and cannot exceed
64K pages. This quota value replaces smaller values of PQL_MWSQUOTA.
Description
When you do not specify a value for a field, AUTHORIZE uses values from
the DEFAULT record (excluding the default password, which is always
USER). The DEFAULT account serves as a template for creating user
records in the system user authorization file.
On Alpha systems, the DEFAULT account is as follows:
Username: DEFAULT Owner:
Account: UIC: [200,200] ([FIELD,USERP])
CLI: DCL Tables: DCLTABLES
Default: SYS$SYSDEVICE:[USER]
LGICMD: LOGIN
Flags: DisUser
Primary days: Mon Tue Wed Thu Fri
Secondary days: Sat Sun
No access restrictions
Expiration: (none) Pwdminimum: 6 Login Fails: 0
Pwdlifetime: 90 00:00 Pwdchange: (pre-expired)
Last Login: (none) (interactive), (none) (non-interactive)
Maxjobs: 0 Fillm: 100 Bytlm: 64000
Maxacctjobs: 0 Shrfillm: 0 Pbytlm: 0
Maxdetach: 0 BIOlm: 150 JTquota: 4096
Prclm: 8 DIOlm: 150 WSdef: 2000
Prio: 4 ASTlm: 250 WSquo: 4000
Queprio: 0 TQElm: 10 WSextent: 16384
CPU: (none) Enqlm: 2000 Pgflquo: 50000
Authorized Privileges:
TMPMBX NETMBX
Default Privileges:
TMPMBX NETMBX
|
On VAX systems, the DEFAULT account is as follows:
Username: DEFAULT Owner:
Account: UIC: [200,200] ([DEFAULT])
CLI: DCL Tables: DCLTABLES
Default: SYS$SYSDEVICE:[USER]
LGICMD: LOGIN
Flags: DisUser
Primary days: Mon Tue Wed Thu Fri
Secondary days: Sat Sun
No access restrictions
Expiration: (none) Pwdminimum: 6 Login Fails: 0
Pwdlifetime: 90 00:00 Pwdchange: (pre-expired)
Last Login: (none) (interactive) (none) (non-interactive)
Maxjobs: 0 Fillm: 300 Bytlm: 32768
Maxacctjobs: 0 Shrfillm: 0 Pbytlm: 0
Maxdetach: 0 BIOlm: 40 JTquota: 4096
Prclm: 2 DIOlm: 40 WSdef: 256
Prio: 4 ASTlm: 40 WSquo: 512
Queprio: 0 TQElm: 10 WSextent: 1024
CPU: (none) Enqlm: 200 Pgflquo: 32768
Authorized Privileges:
TMPMBX NETMBX
Default Privileges:
TMPMBX NETMBX
|
When you add a new account, specify values for fields that you want to
be different. Typically, changing the default values for
limits1, priority, privileges, or the command interpreter is
not necessary. As a result, you enter only the password, UIC,
directory, owner, account, and device.
Note
1 Note that limits are also set by
system parameters. To be effective, the limits you set through
AUTHORIZE must be within the minimum limits determined by the
corresponding system parameters (particularly those beginning with the
PQL prefix).
|