The USERS-FILE provides a way of securing outgoing connections. It contains network user- and group-ids, and these are used to ensure network security by mapping local user- and group-ids to remote user-ids. Entries in the USERS-FILE are only used if the user-id parameter is not explicitly supplied when using Reality, remlog, program to program communication, interactive file access, simple file transfer (sft), rush or SovereignX Background Processors.
The USERS-FILE can contain entries for both individual local user-ids and for UNIX group-ids. If a remote user-id is not supplied when using any of the above programs, the system attempts to obtain the network user-id from the USERS-FILE by looking up the local user-id. If the user does not have an entry in the USERS-FILE, or if the user has no entry for the required remote system, the system checks for a group-id entry.
Each local user- or group-id entry will have a sub-entry for each remote system that the user wishes to access. Similarly, for each remote system there will be a network user-id and password, which will be supplied to that remote system if the user-id is not supplied explicitly by the user.
It is the responsibility of the System Administrator to set up the USERS-FILE. However, users who have entries in the USERS-FILE can change the remote password using the RUFMUP command.
Note: In order for one SovereignX environment to communicate with another (for instance to use the background processing facility), local USERS-FILE entries must include a subrecord of the remote environment name with a destination user-id and associated password.
The USERS-FILE Management utility allows the system administrator to enter network user-ids and passwords that can be used by local users when accessing remote systems.
You run the USERS-FILE Management utility by choosing
userfile from
the Network Management menu. You will see the following menu:
USER FILE MANAGEMENT
1 addnewuserid
2 addsubrecord
3 changepwd
4 delsubrecord
5 deluserid
6 listuserid
7 verifyusers
number (or q)
To add a new user-id to the USERS-FILE, select
addnewuserid
from the Users File Management menu. You will see the following prompt:
Enter user id (or .groupid) [q] :
Enter either of the following:
When you press RETURN, the following prompt is displayed:
commit entry [y,(n),q] :
y.n.Note: If the user-id or group-id is not valid, an error message is displayed and you are prompted to try again.
A user- or group-id can be updated at any time to contain a network
user-id and password to be used when logging on to a remote system. To add
remote system details to a user- or group-id, select
addsubrecord
from the Users File Management menu.
user id to add
subrecord to
1. tom
2. dick
3. .comms
Enter a number [q] :
A dot preceding a user name indicates that this is a group-id rather than a user-id.
Enter the number corresponding to the user- or group-id for which details of a remote system are to be added.
Destination system name
[q] :
Enter the name of a remote system. This must be the
system name of a valid ROUTE-FILE entry or * (to
indicate any remote system not specifically listed in the USERS-FILE).
If the remote system cannot be found in the ROUTE-FILE, an error message is displayed and you are prompted to try again.
User id on destination
system [q] :
Enter the user-id to be used to log onto the remote system. The user-id entered here must be a valid user-id on the remote system.
Note that the validity of this user-id is not checked. If it is incorrect, the local user will be unable to log in to the remote system.
password [q] :
Enter the password for the remote user-id.
Note: Pressing RETURN allocates a password of RETURN. To allocate a null password, use the Change Password option to delete the password.
Note that the validity of the password is not checked. If it is incorrect, the local user will be unable to log in to the remote system.
re-enter
password [q] :
Confirm the new password by entering it a second time.
commit entry [y,(n),q]
:
y.n.Once a user-id and password have been defined, it is possible to change
the password by selecting
changepwd from
the Users File Management menu.
userid containing
password to alter
1. tom
2. dick
3. harry
4. .comms
Enter a number [q] :
Enter the number corresponding to the local user- or group-id for which a password is to be altered.
subrecord to alter
password in
1. Destination system -> HQ
Destination userid -> PROG1
2. Destination system -> LONDON
Destination userid -> SYSPROG
Enter a number [q] :
Enter the number corresponding to the remote system on which the password is to be altered.
Changing password for
user userid to destination system.
1. Change password
2. Delete password
Enter a number [q] :
To change
the current password enter 1. The
following prompt is displayed:
password [q] :
Enter the new password.
re-enter password [q] :
Confirm the new password by entering it a second time.
replacing old password. Press ENTER to continue
To delete
the current password, enter 2.
deleting password. Press ENTER to continue
An entry for a remote system can be removed from a user’s USERS-FILE
record at any time by selecting
delsubrecord
from the Users File Management menu.
user id to delete
subrecord from
1. tom
2. dick
3. harry
4. .comms
Enter a number [q] :
Enter the number corresponding to the local user- or group-id for which a remote system entry is to be deleted.
subrecord to delete
1. Destination system -> HQ
Destination userid -> PROG1
2. Destination system -> LONDON
Destination userid -> SYSPROG
Enter a number [q] :
Enter the number corresponding to the remote system for which details are to be removed.
Deleting subrecord from
userid tom, destination LONDON.
confirm [y,(n),q] :
y.n.To remove a user’s entry and all associated remote system entries from
the USERS-FILE, select deluserid from the Users File Management menu.
select entry to delete
1. tom
2. dick
3. harry
4. .comms
Enter a number [q] :
Enter the number corresponding to the local user- or group id to be removed.
userid -> tom
1. Destination system -> HQ
Destination userid -> PROG1
2. Destination system -> LONDON
Destination userid -> SYSPROG
confirm [y,(n),q] :
y.n.To display a user’s entry in the USERS-FILE, select
listuserid from
the Users File Management menu.
select entry to list
1. tom
2. dick
3. harry
4. .comms
Enter a number [q] :
Enter the number corresponding to the local user- or group-id for which details are to be displayed.
userid -> tom
1. Destination system -> HQ
Destination userid -> PROG1
2. Destination system -> LONDON
Destination userid -> SYSPROG
Press ENTER to continueIn order to verify the entries in the USERS-FILE, select
verifyusers from
the Users File Management menu.
The verify option carries out the following checks on the USERS-FILE:
As the file is checked, a series of messages is displayed on the screen. These messages are displayed a screen at a time. To see the next screen, press RETURN.
When the entire file has been checked the following message is displayed:
Press ENTER to continue
If you intend making incoming X.25 User Interface (XUI) connections to a server running on a Reality database, you will need a user-id entry called XUI in the USERS-FILE. This is created as follows:
addsubrecord
from the Users File Management menu. When prompted, enter the number of the XUI
user-id. You will then be prompted for the following information (the prompts
for the XUI user-id are different to those for a normal sub-record.):Entering XUI
format sub-record.
Xui destination name [q] :
Enter the name of the required Reality database; that is, the system name of the appropriate Reality ROUTE-FILE entry.
Account name [q] :
Enter the name of the account to which to connect. If you leave this field empty, the default account for the specified user-id will be used.
Server name [q] :
Enter the name of the required DataBasic server program. Note that this program must be accessible from the specified user-id and account.
Xui Userid on local
system [q] :
Enter the UNIX user-id to which connection will be made. Note that the database must have a Reality user-id with the same name.
Note: On most UNIX systems, user-ids can only be entered in lower case. Because of this, the Reality user-id must also be in lower-case.
password [q] :
Enter the password for the specified UNIX user-id.
Note: Pressing RETURN allocates a password of RETURN. To allocate a null password, use the Change Password option to delete the password.
re-enter
password [q] :
Confirm the new password by entering it a second time.
commit entry [y,(n),q]
:
y.n.Note that, although you can create additional sub-records for the XUI user-id, the second and subsequent sub-records are ignored.
You can change the password and delete sub-records in the same way as for normal USERS-FILE entries.