Previous | Contents | Index |
Displays UDU definitions.
SHOW user-name
Command Qualifier Default /BRIEF Full definition
None
user-name
The OpenVMS user name of the definition you are displaying. Use the wildcard character (*), $ALL, or DEFAULT as the user name. Use the wildcard character to represent a partial user name.
/BRIEF
Displays only the user names in definitions. The default is to display full definitions.
To display all definitions, use the wildcard character (*) as the parameter.
#1 |
---|
UDU> SHOW * User Spec: * User Name: DEFAULT DISPLAY MENU Default Menu: Default MDB: ACMS$DIRECTORY:ACMS.MDB Initial Task: Application: Task: Selection: Final Task: Application: Task: Selection: Language: Printfile: User Name: $ALL DISPLAY MENU Default Menu: Default MDB: ACMS$DIRECTORY:ACMS.MDB Initial Task: Application: Task: Selection: Final Task: Application: Task: Selection: Language: Printfile: |
The SHOW command with the wildcard character (*) displays all definitions in the user authorization file (ACMSUDF.DAT).
#2 |
---|
UDU> SHOW * /BRIEF User Spec: * User Name: $ALL User Name: DEFAULT User Name: CONNOR User Name: WINSTON |
The SHOW/BRIEF command with the wildcard character (*) displays all user names in UDU definitions.
#3 |
---|
UDU> SHOW CONNOR User Name: CONNOR DISPLAY MENU Default Menu: EMPLOYEE Default MDB: ACMS$DIRECTORY:ACMS.MDB Initial Task: IGNORE ERROR Application: EMP_ACCT Task: REGISTERY Selection: LOG_IN.DAT Final Task: IGNORE ERROR Application: EMP_ACCT Task: DAILY_LOG Selection: DAYS_WORK.DAT Language: ENGLISH Printfile: SPOOLDEV::TXA0: |
The SHOW command displays the definition for CONNOR.
Displays one or more proxies in the ACMS proxy file (ACMSPROXY.DAT).
SHOW /PROXY remote-node::remote-user
remote-node
Specifies a remote node name (1 to 6 alphanumeric characters).remote-user
Specifies the user name of a user at a remote node. A valid user name is a string of 1 to 12 alphanumeric characters and can contain underscores and dollar signs.
The SHOW /PROXY command interprets the asterisk as a wildcard character. To display the proxy access for all users in the proxy file, specify either a single asterisk (*) or *::* for <remote-node>::<remote-user>. If you use an asterisk for <remote-node>, all user proxies that match the <remote-user> specification are displayed. If you use an asterisk for <remote-user>, all proxies for users on the specified <remote-node> are displayed.You can also use the wildcard character with the SHOW /PROXY command to represent a partial user proxy. You can use the asterisk as a prefix (for example, *FORD), as a suffix (for example, BICK*), or as both (for example, *CKFOR*).
#1 |
---|
UDU> SHOW /PROXY *::* Remote User: *::BICKFORD Local User: BICKFORD Remote User: COMET::BICKFORD Local User: SUPERVISOR Remote User: COMET::BROWN Local User: BROWN Remote User: COMET::PERSONNEL Local User: PERS_USER Remote User: BRICK::* Local User: RENTAL_AGENT |
This command displays all proxies in the ACMS proxy file. Note that the command SHOW /PROXY * displays the same output.
#2 |
---|
UDU> SHOW /PROXY COMET::PERSONNEL Remote User: COMET::PERSONNEL Local User: PERS_USER |
This command displays a single proxy.
#3 |
---|
UDU> SHOW /PROXY *::BICKFORD Remote User: *::BICKFORD Local User: BICKFORD Remote User: COMET::BICKFORD Local User: BICKFORD |
This command displays proxies using a wildcard for the remote node.
#4 |
---|
UDU> SHOW /PROXY COMET::* Remote User: COMET::BICKFORD Local User: SUPERVISOR Remote User: COMET::BROWN Local User: BROWN Remote User: COMET::PERSONNEL Local User: PERS_USER |
This command displays proxies using a wildcard for the remote user.
#5 |
---|
UDU> SHOW /PROXY COMET::B* Remote User: COMET::BICKFORD Local User: SUPERVISOR Remote User: COMET::BROWN Local User: BROWN |
This command displays proxies using partial wildcarding for the remote user.
This chapter contains reference information and examples for the ACMS Application Authorization Utility (AAU) commands. See Chapter 4 for general information on AAU.
Authorizes one or more application names for installation in ACMS$DIRECTORY.
ADD application-name
Command Qualifiers Default /ACL=(access-control-list[,...]) From DEFAULT definition /APPL_USERNAME=user-name From DEFAULT definition /[NO]DYNAMIC_USERNAMES From DEFAULT definition /SRV_USERNAMES[=(server-user-name[,...])] From DEFAULT definition /[NO]WILD_SUFFIX From DEFAULT definition
None
application-name
The name of the application you want to authorize. The name can be $ALL or a valid RMS file name of up to 39 characters.
/ACL=(access-control-list[,...])
The /ACL qualifier authorizes a user to install an application database file in ACMS$DIRECTORY. When a user enters the ACMS/INSTALL command, ACMS checks the AAU authorization to confirm that the Access Control List (ACL) entries used with the /ACL qualifier include that user name. If the user is not authorized, the ACMS/INSTALL command does not install the application.The Access Control List identifies who can and who cannot install an application. The access control entries for the AAU follow the same format used for OpenVMS except for these restrictions:
- Only the keyword IDENTIFIER is valid.
- ACE options are not supported.
- Access-allowed-mask uses the ACCESS keyword followed by either the access action CONTROL or NONE.
- Protection masks are not supported.
With these restrictions in mind, the general format for specifying an Access Control List is as follows:
/ACL=((IDENTIFIER=identifier[...][,ACCESS=access-action])[,...])
For example:
AAU> ADD PERSONNEL EMPLOYEE /ACL=(IDENTIFIER=[PAYUP,JONES], - _AAU> ACCESS=CONTROL)Each time you specify an identifier and optionally an access action code, you describe one access control entry. You can, however, specify a string of access control entries, separated by commas, as indicated by the ellipsis [,...]. Together, access control entries constitute the Access Control List for a particular application.
Refer to OpenVMS DCL Dictionary for more information about Access Control Lists and entries.
/APPL_USERNAME=user-name
Identifies the user name of an application. The ACMS/INSTALL command does not install the application database file in ACMS$DIRECTORY unless the application user name in the application matches the one you specify with the /APPL_USERNAME qualifier. If you specify the wildcard character (*) instead of a user name, the wildcard user name automatically matches any user name specified in the application the user tries to install.By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /APPL_USERNAME=* when the ACMSAAF.DAT file is first created.
/[NO]DYNAMIC_USERNAMES
Allows a user to install an application database file if the setting you assign with the /[NO]DYNAMIC_USERNAMES qualifier matches that in the application. For example, if you do not want an application installed that allows servers to use dynamic user names or "USERNAME OF SUBMITTER", use the /NODYNAMIC_USERNAMES qualifier. If you want an application installed that allows servers to use dynamic user names, use the /DYNAMIC_USERNAMES qualifier.By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns /NODYNAMIC_USERNAMES as the default setting when the ACMSAAF.DAT file is first created.
/SRV_USERNAMES[=(server-user-name[,...])]
Specifies one or more server user names that are associated with the application you are authorizing. The ACMS/INSTALL command installs an application if the server user names that you specify with the /SRV_USERNAMES qualifier match those in the application database file. If you specify the wildcard character (*) for a server user name, the wildcard user name automatically matches all server user names specified in the application.If you do not want to authorize any server user names, include the /SRV_USERNAMES qualifier without any specifiers. For example:
AAU> ADD INVESTMENT /SRV_USERNAMESBy default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /SRV_USERNAMES=* when the ACMSAAF.DAT file is first created.
/[NO]WILD_SUFFIX
Allows a user to install or prevents a user from installing any application whose name begins with the letters of the application name you are authorizing. For example, the following command allows the user with UIC [PERSONNEL,RICHARD] to install any application name that starts with the letters INVAPPL:
AAU> ADD INVAPPL /ACL=(IDENTIFIER=[PERSONNEL,RICHARD], - _AAU> ACCESS=CONTROL) /WILD_SUFFIXOnce this command is in effect, user [PERSONNEL,RICHARD] can install applications with names such as INVAPPL, INVAPPL1, and INVAPPL2.
By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /NOWILD_SUFFIX when the ACMSAAF.DAT file is first created.
To create an authorization for a single application, use the RMS name of that application as the application name. To create an authorization for all applications, use the keyword $ALL as the application name.AAU then stores the authorizations you create in the ACMSAAF.DAT file in your default directory. When a user enters the ACMS/INSTALL operator command to install an application database file, however, ACMS looks for the ACMSAAF.DAT file in SYS$SYSTEM. If you choose to locate ACMSAAF.DAT in a directory other than SYS$SYSTEM, you must define an EXEC mode logical, ACMSAAF, to point to that directory.
#1 |
---|
AAU> ADD PERSONNEL |
This command authorizes the application named PERSONNEL to be installed in ACMS$DIRECTORY. Because the command has no qualifiers, the new authorization receives information from the DEFAULT authorization.
#2 |
---|
AAU> ADD $ALL |
This command creates a $ALL authorization that lets any authorized user install any application. The $ALL authorization receives from the DEFAULT authorization any information you do not include with qualifiers.
#3 |
---|
AAU> ADD EMPLOYEE /APPL_USERNAME=GORDON |
This command authorizes the application named EMPLOYEE and includes the application user name GORDON. The application database file for EMPLOYEE cannot be installed unless it has the application user name of GORDON. The rest of the information for the authorization comes from the DEFAULT authorization.
Makes a copy of an existing authorization.
COPY source-application-name new-application-name
Command Qualifiers Default /ACL=(access-control-list[,...]) From source authorization /APPL_USERNAME=user-name From source authorization /[NO]DYNAMIC_USERNAMES From source authorization /SRV_USERNAMES[=(server-user-name[,...])] From source authorization /[NO]WILD_SUFFIX From source authorization
None
source-application-name
The name of the application whose authorization you want to copy. It can be a valid file name of up to 39 characters, $ALL, or DEFAULT.new-application-name
The application name you give to the new version of the source authorization. It can be a valid RMS file name or $ALL.
/ACL=(access-control-list[,...])
The /ACL qualifier authorizes a user to install an application database file in ACMS$DIRECTORY. The Access Control List identifies who can and who cannot install an application. See the description of the /ACL qualifier under the ADD command for more information about the /ACL qualifier and rules for specifying Access Control Lists./APPL_USERNAME=user-name
Identifies the user name of an application. The ACMS/INSTALL command does not install the application database file in ACMS$DIRECTORY unless the application user name in the application database file matches the one you specify with the /APPL_USERNAME qualifier. If you specify the wildcard character (*) instead of a user name, the wildcard user name automatically matches any user name specified in the application that a user tries to install.By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /APPL_USERNAME=* when the ACMSAAF.DAT file is first created.
/[NO]DYNAMIC_USERNAMES
Allows a user to install an application database file if the setting you assign with the /[NO]DYNAMIC_USERNAMES qualifier matches that in the application. For example, if you do not want an application installed that allows servers to use dynamic user names or "USERNAME OF SUBMITTER", use the /NODYNAMIC_USERNAMES qualifier. If you want an application installed that allows servers to use dynamic user names, use the /DYNAMIC_USERNAMES qualifier.By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns /NODYNAMIC_USERNAMES as the default setting when the ACMSAAF.DAT file is first created.
/SRV_USERNAMES[=(server-user-name[,...])]
Specifies one or more server user names that are associated with the application you are authorizing. The ACMS/INSTALL command installs an application if the server user names that you specify with the /SRV_USERNAMES qualifier match those in the application database file. If you specify the wildcard character (*) for a server user name, the wildcard user name automatically matches all server user names specified in the application.If you do not want to authorize any server user names, include the /SRV_USERNAMES qualifier without any specifiers. For example:
AAU> COPY INVESTMENT /SRV_USERNAMESBy default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /SRV_USERNAMES=* when the ACMSAAF.DAT file is first created.
/[NO]WILD_SUFFIX
Allows a user to install or prevents a user from installing any application whose name begins with the letters of the application name you are authorizing. For example, the following command allows the user with UIC [PERSONNEL,RICHARD] to copy any application name that starts with the letters INVAPPL:
AAU> COPY INVAPPL /ACL=(IDENTIFIER=[PERSONNEL,RICHARD], - _AAU> ACCESS=CONTROL)/WILD_SUFFIXOnce this command is in effect, user [PERSONNEL,RICHARD] can install applications with names such as INVAPPL, INVAPPL1, and INVAPPL2.
By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /NOWILD_SUFFIX when the ACMSAAF.DAT file is first created.
None
#1 |
---|
AAU> COPY PERSONNEL EMPLOYEE |
This command creates the EMPLOYEE authorization, copying all information from the PERSONNEL authorization.
#2 |
---|
AAU> COPY PERSONNEL EMPLOYEE /SRV_USERNAMES=EMPLOYEE_SRV |
This command creates the EMPLOYEE authorization, copying information from the PERSONNEL authorization. The /SRV_USERNAMES qualifier assigns the EMPLOYEE_SRV server user name to the EMPLOYEE application authorization.
#3 |
---|
AAU> COPY PERSONNEL EMPLOYEE /APPL_USERNAME=ACCOUNT |
This command creates a new authorization with the name EMPLOYEE, copying information from the authorization for PERSONNEL. The /APPL_USERNAME qualifier overrides the application user name from the source authorization, so the authorization for EMPLOYEE receives an application user name of ACCOUNT.
#4 |
---|
AAU> COPY PERSONNEL EMPLOYEE- AAU>_ /ACL=(IDENTIFIER=[PAYUP,JONES], ACCESS=CONTROL) |
This command makes a copy of the PERSONNEL authorization and names it EMPLOYEE. The /ACL qualifier gives the new EMPLOYEE authorization a new access control entry.
Changes information in the DEFAULT authorization.
DEFAULT
Command Qualifiers Default /ACL=(access-control-list[,...]) From existing authorization /APPL_USERNAME=user-name From existing authorization /[NO]DYNAMIC_USERNAMES From existing authorization /SRV_USERNAMES[=(server-user-name[,...])] From existing authorization /[NO]WILD_SUFFIX From existing authorization
None
/ACL=(access-control-list[,...])
The /ACL qualifier authorizes a user to install an application database file in ACMS$DIRECTORY. The Access Control List identifies who can and who cannot install an application. See the description of the /ACL qualifier under the ADD command for more information about the /ACL qualifier and rules for specifying Access Control Lists./APPL_USERNAME=user-name
Identifies the default user name of an application in the application authorization file. The ACMS/INSTALL command does not install the application database file in ACMS$DIRECTORY unless the application user name in the application database file matches the one you specify with the /APPL_USERNAME qualifier, either in the default definition, or through the AAU ADD or other commands.. If you specify the wildcard character (*) instead of a user name, the wildcard user name automatically matches any user name specified in the application that a user tries to install.By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /APPL_USERNAME=* when the ACMSAAF.DAT file is first created.
/[NO]DYNAMIC_USERNAMES
Allows a user to install an application database file if the setting you assign with the /[NO]DYNAMIC_USERNAMES qualifier matches the setting in the application. For example, if you do not want an application installed that allows servers to use dynamic user names or "USERNAME OF SUBMITTER", use the /NODYNAMIC_USERNAMES qualifier. If you want an application installed that allows servers to use dynamic user names, use the /DYNAMIC_USERNAMES qualifier.By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns /NODYNAMIC_USERNAMES as the default setting when the ACMSAAF.DAT file is first created.
/SRV_USERNAMES[=(server-user-name[,...])]
Specifies one or more server user names that are associated with the default application authorization. The ACMS/INSTALL command installs an application using the default server user names unless otherwise specified in the specific application authorization with the /SRV_USERNAMES. The server names specified, whether by default or not, must match those in the application database file. If you specify the wildcard character (*) for a server user name, the wildcard user name automatically matches all server user names specified in the application.If you do not want to authorize any default server user names, include the /SRV_USERNAMES qualifier without any specifiers. For example:
AAU> DEFAULT/SRV_USERNAMESBy default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /SRV_USERNAMES=* when the ACMSAAF.DAT file is first created.
/[NO]WILD_SUFFIX
Sets the wildcard attribute for the default authorization record. The /[NO]WILD_SUFFIX allows a user to install or prevents a user from installing any application whose name begins with the letters of the application name you are authorizing. For example, the following command allows the user with UIC [PERSONNEL,RICHARD] to install by default any application with wildcards, unless otherwise specified by particular application authorizations.
AAU> DEFAULT/ACL=(IDENTIFIER=[PERSONNEL,RICHARD], - _AAU> ACCESS=CONTROL)WILD_SUFFIXOnce this command is in effect, user [PERSONNEL,RICHARD] can install applications with names such as INVAPPL, INVAPPL1, and INVAPPL2.
By default, AAU uses the setting assigned in the DEFAULT authorization. AAU assigns the default setting /NOWILD_SUFFIX when the ACMSAAF.DAT file is first created.
The ADD command is the only command affected by the DEFAULT authorization. When you use the ADD command to create a new authorization, the new authorization takes the default information assigned in the DEFAULT authorization. Use qualifiers with the ADD command to override information from the DEFAULT authorization.When you use the DEFAULT command, you do not need to include DEFAULT as the application name.
AAU creates the ACMSAAF.DAT file and a DEFAULT authorization when you first run AAU.
If you omit one or more qualifiers from the DEFAULT command, the new DEFAULT authorization retains the information that already exists.
Both the DEFAULT and the MODIFY commands let you modify the DEFAULT authorization. The DEFAULT command, however, lets you change the DEFAULT authorization only. The MODIFY command serves a more general use and lets you modify any authorization in the ACMSAAF.DAT database file.
The changes made with the DEFAULT command remain in effect until you modify the DEFAULT authorization again. The original settings assigned to the DEFAULT authorization are not restored at the end of the AAU session.
#1 |
---|
AAU> DEFAULT /APPL_USERNAME=EMPLOYEE /WILD_SUFFIX |
This DEFAULT command assigns the application user name EMPLOYEE and the wildcard characteristic to the DEFAULT authorization. Any time you add an authorization and do not specify either of these characteristics, the ADD command includes the application user name and the wildcard characteristics you have assigned in this DEFAULT authorization to the new authorization.
#2 |
---|
AAU> DEFAULT/ACL=(IDENTIFIER=[PAYUP,*], ACCESS=CONTROL) |
Previous Next Contents Index