This option allows you to create and update the user profile for a specified user-id.
On selecting Option 2 on the SSM screen, the following screen is displayed.
U S E R S F I L E M A I N T E N A N C E -------------------------------------------------------------------------------- User ID > 0 Description : 1 Password : 13 Status : 2 Expiration Date : 14 Type : 3 Validity Period : 15 Messages : 4 No of prior pswds : 16 Language : 5 Allowed Paths : 17 System Names : 6 Disallowed Paths : 18 Network IDs : 7 Default Account Name : 19 Network Pswds : 8 Default Logon Proc : 20 Ret. Locks : 9 Logon Retries : 21 Update Locks : 10 Log Failed Attempts : 22 Verb file path: 11 PLIDs : 23 Environment : 12 Profile IDs : Enter user id. (or 'CR' to exit, '?' for list, 'D' for default or '*' for current)
Refer to Profiles Screens for details of how to use this screen.
The following is an example of the screen displayed for the new user-id entry daveh. The parameters displayed are the default settings derived from the DEFAULT item in the USERS file.
U S E R S F I L E M A I N T E N A N C E -------------------------------------------------------------------------------- User ID >daveh *NEW ITEM* 0 Description : 1 Password :none 13 Status :D 2 Expiration Date :none 14 Type :I 3 Validity Period :0 15 Messages :YES 4 No of prior pswds :0 16 Language :0 5 Allowed Paths :none 17 System Names :none 6 Disallowed Paths :none 18 Network IDs :none 7 Default Account Name :none 19 Network Pswds :none 8 Default Logon Proc :none 20 Ret. Locks :none 9 Logon Retries :5 21 Update Locks :none 10 Log Failed Attempts :NO 22 Verb file path:NO 11 PLIDs :none 23 Environment :NO 12 Profile IDs :none Enter option# (0-23) to change; EX to exit; FI to file; FD to delete :
Notes:
Because a user-id is an item-id, you can make it quite long. However, keep the following points in mind when assigning user-ids:
You should decide the type of user-ids that will be used on your database. Some suggestions are:
If you issue user-ids to groups rather than individuals, you could use ids such as department name, department number, software application name, job function etc.
Describes the user.
Prompt:
Description of user:
Enter an alphanumeric string of up to 50 characters.
Assigns, changes or removes a user password.
Prompt:
Enter new password:
then a prompt to verify:
Please re-enter the new password
Enter an alphanumeric string of up to 30 characters (excluding spaces). It must not match any word in the user's description (Option 0) and must not contain three consecutive identical characters.
Note: For security purposes, the string entered at the password prompt is not echoed, and it is encrypted in the USERS file. Users can change their own passwords subsequently via the PASSWORD command, provided they can correctly enter their current password.
Specifies the date when the current password becomes invalid.
Prompt:
Password expiration date:
Enter a date in the form: dd mmm yy. See Note 2.
Specifies the number of days the current user password is valid.
Prompt:
Number of days that the current password is valid:
Enter a number in the range 0 to 366. See Note 2.
Specifies the number of new passwords required before the user can reuse a password. Each time the user changes his or her password, the new password is checked against a list of those previously used. If the new password is found in the list, an error message is displayed.
Prompt:
Number of prior passwords that may not be used (0=no limit) :
Enter the required number of previously used passwords.
Specifies the locations from which a user can access the database. Locations are specified using Physical Location Identifiers (PLIds).
Prompt:
Valid PLIds for access paths (separated by ','; A=Add; D=Delete)
Enter a PLId or PLIds. Multiple PLIds must be
separated by commas. If a path already exists, a message is displayed containing
the current PLId(s). To add or delete a PLId,
enter A or D, as appropriate, and type the PLId.
If there is no network profile with the PLId you have entered, you will be prompted:
'PLId' is not a PLID in the NETWORK file. Accept as is? (Y/N) :
Enter Y or
N as
required. Allowed locations with no associated network profile use the default
profile.
Specifies locations (PLIds) from which a user is denied access to the database.
Prompt:
Invalid PLIds for access paths (separated by ','; A=Add; D=Delete)
As for Option 5.
Specifies the name of the account to which the user logs on automatically.
Prompt:
Default account name to logon to :
Enter an account name.
Note: If the account specified does not currently exist, you are asked to confirm the entry before it is accepted. If a default account is specified here, the user is automatically logged-on to it after entering his or her user-id and password, provided that either the user-id has a password (which then overrides any account password) or the account has no password. In any other case the account, and account password, if any, are prompted for.
Specifies the User Logon Program. This runs when the user first logs on to the database and must exist in the initial account onto which the user is logged. It must normally be a Proc, but you can allow any valid TCL command can be used (see Introduction to the Terminal Control Language) by setting the LOGON.PROGS environment option.
If the User Logon Program is run, the Account Logon Program is normally not executed unless called by the User Logon Program (this behaviour can be changed by setting the ACCOUNT.LOGON environment option).
Prompt:
Default logon Proc to execute :
Enter the item-id of the User Logon Program to be executed.
Specifies the number of unsuccessful logon attempts before a user is locked out of the database. When a user is locked out, the Status field (Option 13) is set to F - the user-id must then be re-enabled by the system administrator.
Prompt:
Number of failed logon attempts before being locked out :
Enter a number in the range 0 to 32000. A value of 0 (zero) specifies infinite retries.
Specifies whether to log failed logon attempts for security purposes. If enabled, each failed logon attempt is logged in the file SECURITY.EVENTS in the SYSMAN account.
Prompt:
Log the failed logon attempts ? (Y/N) :
Enter:
Y Log failed logon attempts.
N Do not log failed logon attempts.
Specifies the location or locations (PLIds or partial PLIds) that correspond to security profile-id(s) entered at Option 12.
Prompt:
PLIds for security profiles (separated by ','; A=Add; D=Delete) :
Enter a PLId or PLIds. Multiple PLIds must be separated by commas. If a security profile already exists, a message is displayed containing the current PLId(s). To add or delete a PLId, enter A or D, as appropriate, and type the PLId.
Specifies security profile-ids. Each id is an item-id in the SECURITY file. Each id corresponds one for one to the PLIds in option 11. However, one more profile-id than the number of PLIds in option 11 can be entered. This extra id (the last one in the list) is assigned to any PLId that does not match the specified PLIds.
Prompt:
Security profiles for PLIds (separated by ','; A=Add; D=Delete) :
Enter a profile-id or profile-ids. Multiple ids must be separated by commas. If a security profile-id already exists, a message is displayed containing the current profile-id(s). To add or delete a profile-id, enter A or D, as appropriate, and type the id.
If the profile specified does not currently exist, you are asked to confirm the entry before it is accepted. Note that a user cannot log on if their security profile does not exist, but that if you do not specify a profile-id, the DEFAULT security profile is assigned.
Specifies whether the user is allowed to log on to the database.
Prompt:
User status (E=Enabled; D=Disabled) :
Enter:
E Enabled.
D Disabled.
Note: The default setting is D (Disabled). This must be changed to E (Enabled) before you can log on under the new user-id. Also, the software assigns status F automatically when the user's logon is disabled because of too many logon attempts (as specified in Option 9). The user just sees a message saying that the logon attempt has failed, whatever the reason for failure.
Specifies whether the user can operate in Interactive mode, Server mode, or both.
Prompt:
User type code (I=Interactive mode; S=Server mode; '*'=both) :
Enter:
I Interactive mode. Allows
connections for the purpose of terminal input/output only.
S Server mode. Allows connections for
inter-process communication only. With S mode defined, a user can be started by
a client user (for example, a DataBasic program or ODBC client), but not from a
terminal.
* Both interactive and server mode.
Allows you to suppress messages at the current cursor position. To display a message on line 25, see NETWORK File Maintenance Option 11.
Prompt:
Enable receipt of messages ? (Y/N) :
Enter:
Y Display messages at current cursor position.
N Suppress messages at current cursor position.
Specifies the language to be assigned to the user at logon. Languages are defined in the system language table.
Prompt:
Language number to use :
Enter a number in the range 0 to 255. The default (0) is for English.
Allows you to specify remote databases to which the user can connect using Remote Logon or Remote File Access.
Note: This option applies only to Reality on Windows hosts; see Setting Up Remote Database Details on Windows. On UNIX, such databases are specified in the USERS-FILE.
The database names that you enter at this option correspond, one for one, with the network user-ids and passwords that you enter at Options 18 and 19.
Each name must be a Reality/dbase entry in the registry.
Prompt:
System names (separated by ,: A=Add; D=Delete) : A backslash (\) will null the field.
A.
This displays the prompt System name to add. When you press
RETURN, you are prompted for the associated user-id on the remote
database and then for the
associated password. This is the recommended way of entering database
names.D. This
displays the prompt System name to delete. Now enter one or more database names,
separated by commas.The default is no database names specified.
Allows you to specify user-ids on remote databases which can be used by the local user. These are referred to as network ids.
Note: This option applies only to Reality on Windows hosts; see Setting Up Remote Database Details on Windows. On UNIX, such user-ids are specified in the USERS-FILE.
The network ids that you enter at this option correspond, one for one, with the remote database names and passwords that you enter with Options 17 and 19.
Prompt:
Network IDs (separated by ,: A=Add; D=Delete) : A backslash (\) will null the field.
Do one of the following:
Network ID to add.Network IDs to delete.The default is no network ids.
Allows you to specify passwords which can be used with the network ids, entered at option 18, on remote databases.
Note: This option applies only to Reality on Windows hosts; see Setting Up Remote Database Details on Windows. On UNIX, such passwords are specified in the USERS-FILE.
The network passwords that you enter at this option correspond, one for one, with the remote database names and network user-ids that you enter with Options 17 and 18.
Prompt:
Network passwords (separated by ,: A=Add; D=Delete) : A backslash (\) will null the field.
Restriction: A plus sign (+) must not be used as the first character of a password.
A. This
displays the prompt:
Network passwords to add.D. This
displays the prompt:
Network passwords to delete.The default is no network passwords.
Allows you to specify keys to access files protected with retrieval lock codes. If not specified, the account's keys are used to determine file access.
Prompt:
File Retrieval Keys (separated by ','; A=Add; D=Delete)
Enter a key or multiple keys separated by commas. To
add a key, enter A
then enter the key at the prompt. To delete a key, enter D then enter
the key at the prompt.
Allows you to specify keys to update files that are protected with update lock codes. If not specified, the account's keys are used to determine file update.
Prompt:
File Update Keys (separated by ','; A=Add; D=Delete)
As for Option 20.
Assigns an additional file containing commands executable by this user even when not included in account's MD.
Prompt:
Alternate verbs file path:
Enter a file-specifier as defined in the Conventions (if file-specifier is omitted, the MD is used).
Specifies the operating environment to be set at logon for this user. Environments are defined using SSM option 4 (Define Environment Settings) or the DEFINE-ENVIRONMENT command. If not set, the user uses the default environment.
Prompt:
Required environment:
Enter one of the following:
\ to clear this option. The user will use the default
environment.The user can change their operating environment with the SET-ENVIRONMENT TCL command.
? at
the information prompt. To leave a field unchanged press RETURN. To null a field enter a backslash
(\).These options allow you to specify remote databases to which the user can connect using Remote Logon or Remote File Access.
Notes:
To setup remote database details (options 17, 18 and 19) for a database user on a Windows host, proceed as follows:
2 to select the Define User Profiles option.17
to select the System Name option.This displays the prompt:
System names (separated by ,: A=Add; D=Delete) : A backslash (\) will null the field.Enter
A
to add a new database name.The following prompt is then displayed:
System name to add:Enter the name of the required remote database routing entry (this must be created with the netadmin utility).
When you press RETURN, you are prompted:
Enter the corresponding network id:Enter the database user-id to be used by the user to access the remote database.
When you press return, you are prompted:
Enter the corresponding network password:Enter the associated password for the network user-id.
When you press return, you are prompted to confirm the password you have just entered:
Please re-enter the new password to verify:Enter the same password again.