CREATE-ACCOUNT

Creates a new account, a remote account, or a synonym account.

Command class

Cataloged DataBasic program.

Syntax

CREATE-ACCOUNT{ ([U||W]}

Options

Restriction

SYSMAN and SYSPROG accounts only. Only the SYSMAN account allows you to use the PASSWORD command to specify an account password.

Operation

When you run CREATE-ACCOUNT from TCL, the following prompt is displayed:

Do you want to create a Local, Remote, or Q-pointered account(L/R/Q) ?

• Enter L to create a local account.

• Enter R to create a remote account.

• Enter Q to create a synonym (Q-pointer) account.

In each case, the cursor is positioned at the first prompt of the menu that appears.

Creating a local account

When you enter L  to create a local account (D-pointer), the following menu is displayed:

        CREATE-ACCOUNT
1.  ACCOUNT NAME        :
2.  RETRIEVAL CODE(S)
3.  UPDATE CODE(S)
4.  PASSWORD
5.  SYSTEM PRIVILEGE LEVEL
6.  ACCOUNT FILE UPDATE (Y/N)
7.  MODULO,SEPARATION
8.  RPL DEBUG LEVEL

Account name

An account name must be unique on the database. The account name entered is used as the item-id for the D-pointer created in SYSTEM.

The format of a valid account name is described in Rules for Account Names.

Retrieval code(s)

Enter any retrieval lock codes for this account. Just press RETURN if not required.

If you specify more than one code, separate with value marks (CTRL+]). The first code acts as a lock for the account's Master Dictionary (MD) and for any files defined from the MD, including all dictionaries and their data sections. All of the codes act as retrieval keys for users logged-on to this account, unless their user profile contains any keys, in which case the latter are effective instead.

Update code(s)

Enter any update lock codes for this account. Just press RETURN if not required.

If you specify more than one code, separate with value marks (CTRL+]). The first code acts as a lock for the account's MD. However, files defined from the account's MD are not protected against unauthorised update by this lock. Each dictionary and each data section must be individually protected against update via a lock in attribute 6 of its defining D-pointer, unless adequately protected by a retrieval lock at the same or at a higher level. Retrieval locks have the effect of also preventing update by those unauthorised for retrieval.

All codes also act as update keys for users logged-on to this account, unless their user profile contains any keys, in which case the latter are effective instead.

Password

A password can only be specified from the SYSMAN account. If you are creating an account from the SYSPROG account, the cursor skips the password prompt.

Every account uses the account password definition of the same name, unless there is none in which case the DEFAULT account password definition is used instead. (There is an obvious benefit, therefore, in creating the account password definition before creating the account.)

The password should meet the rules of this definition, although these can be overridden from the SYSMAN account. If the password does not meet the rules of the relevant password definition, the reason why is displayed followed by the specific error message defined in that definition.

When you enter the password, the characters are not echoed to the screen. The following message is displayed:

PLEASE RE-ENTER THE NEW PASSWORD TO VERIFY :

Re-enter the password - if it does not match, the cursor is repositioned at the PASSWORD  prompt and the following message is displayed:

THE PASSWORDS DO NOT VERIFY !

The password is encrypted and only the encrypted form is stored in the account definition item. To change or to specify a password after an account is created, use the PASSWORD command with the A option from the SYSMAN account.

Note that users logging-on to the database who have a passworded user-id and a default account are not prompted for any account password present - this is overridden. However, when attempting LOGTO, any password on the destination account must be entered.

System privilege level

Enter the privilege code for the new account or press RETURN for the default value of SYS0.

Valid privilege codes are SYS0, SYS1, and SYS2, where SYS0 has the fewest privileges and SYS2 the most.

The table below lists several functions and the lowest privilege level required to perform them.

Function	Lowest Privilege Level Required
Use of English commands such as LIST, SORT, SELECT, and SSELECT.	SYS0
Updating a Master Dictionary, using CREATE-FILE or DELETE-FILE, using FILE-SAVE, using the Magnetic Tape commands.	SYS1
Full use of System Debugger, using Restore Processor commands that use the magnetic tape devices.	SYS2

Account file update

If you want statistics for this account to be collected in the ACC file, enter Y. If statistics are not required, enter N  or press only RETURN. The default is N.

Modulo, Separation

The modulo is the number of groups allocated to the Master Dictionary for the new account. The default modulo is 29. The separation is always set to 1 on Reality. The default values should be accepted by just pressing RETURN, unless there is a reason for selecting a different modulo (such as the intention to create large number of MD items).

RPL Debug Level

If you are creating an RPL account, you will receive the RPL Debug Level  prompt.

Valid responses are 0, 1, and 2. The default value is 2.

For more information, refer to the RPL Programming Reference Manual.

Changing or saving

When you have answered all of the prompts, CREATE-ACCOUNT prompts:

ENTER NUMBER TO CHANGE, * TO CANCEL, RETURN TO CONTINUE :

• Enter the number of a prompt if you want to change the information shown.

• Enter *  to cancel the creation of a new account.

• Press RETURN to create the new local account with characteristics as shown. The following information is displayed:

  **** CREATE SYSTEM LEVEL FILE 'account-name'
  'account-name'
  **** COPY NEWAC ITEMS TO SYSTEM LEVEL FILE
  ~733 items copied.~
  **** ACCOUNT 'account-name' CREATED.

Local Account Creation: What the System Does

To create a new local account, the system:

• Creates a Master Dictionary (MD) for the new account.

• Copies the items in the default data section of file NEWAC into the MD.

• Customises the MD as specified in the USER data section of NEWAC.

• Creates an account definition item in the SYSTEM Dictionary with the new account's name as item-id.

• Puts the following into the account definition item:

  • Retrieval lock codes (optional).

  • Update lock codes (optional).

  • Encrypted password (optional).

  • Privilege level.

Creating a remote account

When you enter R  to create a remote account (R-pointer), the following menu is displayed:

             CREATE-ACCOUNT
1.  ACCOUNT NAME        :
2.  REMOTE SYSTEM NAME
3.  REMOTE SYSTEM ACCOUNT
4.  PASSWORD

Account name

A remote account name must be unique on the database, but can have the same name as the system or account that the remote account definition references. The account name entered is used as the item-id for the R-pointer created in SYSTEM.

There are rules for account names that define the format of a valid account name.

Remote system name

Enter the name of the remote database or proprietary REALITY system; this must be the name of a Q-type (UNIX) or Remote Database (Windows) entry in the ROUTE-FILE /etc/ROUTE-FILE is a file on a UNIX host containing items that control the routing a particular process will take through a network. Routing control includes destination system names, network addresses, etc. On Windows hosts, this information is held in the Registry. For Reality external components that use the PC Standard Network Interface for Windows (PCSNI), routing information is held in a file called winsni.ini in the Windows folder.  - see Networking. If the entry does not exist, you must create it before the remote account can be used.

Remote system account

Enter the name of the required account on the remote database or proprietary REALITY system. If you do not enter an account name (press just RETURN) it will be prompted for if required when attempting to logon to the remote system. An R-pointer that does not specify an account on the remote system cannot be used for remote file access or program-to-program communication.

Password

A password can only be specified from the SYSMAN account. If you are creating an account from SYSPROG, the cursor skips the password prompt. The requirements are the same as for a local account, as described above.

Changing or saving

When you have answered all of the prompts, CREATE-ACCOUNT prompts:

ENTER NUMBER TO CHANGE, * TO CANCEL, RETURN TO CONTINUE :

You can then:

• Enter the number of a prompt if you want to change the information shown.

• Enter *  to cancel creation of the remote account.

• Press RETURN to create the remote account definition item with characteristics as shown. The following information is displayed:

  **** ACCOUNT 'account-name' CREATED.

Remote account creation: What the system does

To create a remote account, the system:

• Creates a remote account definition item in the SYSTEM Dictionary using the new account's name as the item-id.

• Puts the following into the remote account definition item:

  • The remote system name. On a UNIX system, a Reality entry in /etc/ROUTE, or on Windows, a Remote Database entry in the Windows registry.

  • The name of the account on the remote system (if specified).

  • An optional encrypted password for the remote account.

Creating a synonym account

When you enter Q  to create a synonym account (Q-pointer), the following is displayed:

          CREATE-ACCOUNT
1.  ACCOUNT NAME        :
2.  RETRIEVAL CODE(S)
3.  UPDATE CODE(S)
4.  PASSWORD
5.  SYSTEM PRIVILEGE LEVEL
6.  ACCOUNT FILE UPDATE (Y/N)
7.  ACTUAL ACCOUNT NAME

Account name

The account name entered is used as the item-id for the Q-pointer created in SYSTEM.

There are rules for account names that define the format of a valid account name.

Retrieval code(s)

Enter any retrieval lock codes for this synonym account. These function similarly to retrieval lock codes set on a local (D-pointer) account for users gaining access via this synonym.

Update code(s)

Enter any update codes for this synonym account. These codes do not function as locks on the account. They are used as keys unless the user profile contains any retrieval or update keys, in which case they are ignored.

Password

A password can only be specified from the SYSMAN account. If you are creating an account from the SYSPROG account, the cursor skips the password prompt. The requirements are the same as for a local account, as described above.

System privilege level

Enter the privilege code for the new account or press RETURN for the default value of SYS0. Valid privilege codes are SYS0, SYS1, and SYS2, where SYS0 has the fewest privileges and SYS2 the most.

Account file update

If you want statistics for this account to be collected in the ACC file, enter Y. If statistics are not required, enter N  press only RETURN. The default is N.

Actual account name

This is the name of the local (D-pointer) account that the account synonym (Q-pointer) you are creating will point to.

Changing or saving

When you have answered all of the prompts, CREATE-ACCOUNT prompts:

ENTER NUMBER TO CHANGE, * TO CANCEL, RETURN TO CONTINUE :

You can then:

• Enter the number of a prompt if you want to change the information shown.

• Enter *  to cancel creation of the synonym account.

• Press RETURN to file the synonym account definition item. The following information is displayed:

  **** ACCOUNT 'account-name' CREATED.

Synonym account creation: What the system does

To create a synonym (Q-pointer) account, the system:

• Creates a synonym account definition item in the SYSTEM Dictionary using the synonym name as the item-id.

• Puts the following into the synonym account definition item:

  • The name of the local (D-pointer) account referenced by the synonym name.

  • Retrieval lock codes (optional).

  • Update lock codes (optional).

  • Encrypted password (optional).

  • Privilege level.