HP 3000 Manuals HP 3000 Manuals
Lesson 1 Managing Your AccountFigure 1-1. Account Manager Introduction Lesson 1 presents the following information about managing your account: * listing account information * meaning of access codes * passwords--usage and security In this and the following lessons, you learn more about account management, and how to become more effective in your interaction with the MPE/iX system. As an account manager for a particular account, you have the final responsibility for the management of that account. As a general user, your capability is limited by account management; however, you are still responsible for being able to manage your own interaction with the system within user limits. For the duration of this course, you have been given account manager (AM) capability for your account. By having this responsibility, you are to do a number of different tasks that are not permitted to users without this capability. Commands and capabilities reserved for account manager, as well as higher capabilities, are noted in this and the following lessons.
NOTE When you complete this course, you may want to check with your system manager about getting an account with AM capability, if warranted, for your processing requirements.
Listing Account Information If you haven't already done so, please log on to the account specified by your system manager or supervisor. What kind of capabilities are assigned to your account? What are the limits on your disk space? CPU time? User access? To access this information, use the LISTACCT command. Enter that now to get information on your own account. LISTACCT Return You should see a display similar to the following on your screen: ________________________________________________________________________ | | | ACCOUNT:ACCTx | | | | DISC SPACE: 1568(SECTORS) PASSWORD: ** CPU TIME: | | 63(SECONDS) LOC.ATTR. $000000000 CONNECT TIME: 01 | | MINUTES SECURITY--READ :AC DISC LIMIT: UNLIMITED | | WRITE :AC CPU LIMIT: UNLIMITED APPEND | | :AC CONNECT LIMIT: UNLIMITED LOCK :AC | | MAX PRI :150 Execute :AC GRP | | UFID: $05580000 $228970A9 $000C3360 $578210A2 $07949089 USER | | UFID:$05580002 $228790A9 $000FCCB0 $578210A2 $07949DC0 CAP: | | AM,AL,GL,ND,SF,BA,IA,PH | | | ________________________________________________________________________ Some of the information that you see is self-explanatory. Two things that may not seem so clear are the CAP information listed at the lower left and the SECURITY information listed in the right column. CAP stands for "capability," and the abbreviations that follow indicate the capabilities assigned to your account. Explanations for these abbreviations are found in the MPE/iX Commands Reference Manual Volumes 1 and 2 (32650-90003 and 32650-90364) and in the help facility under the NEWACCT command.
NOTE If your manual set does not include the MPE/iX Commands Reference Manual Volumes 1 and 2 (32650-90003 and 32650-90364) you may order it from your sales representative. It contains all of the command references that are found in the Commands Reference Manual. Simply type HELP at the system prompt, and press Return to start the help facility.
After you review this information, list the definitions of the account capabilities below: ------------------------------------------------------------------------------------------ | | | Q1-1 Account Capabilities: | | AM = | | | | | | AL = | | | | | | GL = | | | | | | *ND = | | | | | | *SF = | | | | | | *BA= | | | | | | *IA = | | | | | | PH = | | | ------------------------------------------------------------------------------------------
NOTE The capabilities noted with the asterisk in Q1-1 are default capabilities.
The default capability set, ND, SF, BA, and IA, is required in order to process, store, and print information from an MPE/iX system and peripheral devices such as printers, magnetic tape, and disk drives. Other capabilities, such as account librarian (AL) and group librarian (GL), allow you and other users with these capabilities to manage groups in the account. Remember this: no user or group within an account can have capabilities that exceed the capabilities assigned to that account.
NOTE Only system operations may change account capabilities.
-------------------------------------------------------------------------------------------- | | | Q1-2 Given your account capabilities listed above, could any of the users in your | | account have PM (privileged mode) capability? | | | | | -------------------------------------------------------------------------------------------- Access Codes The security access codes displayed on the right by the LISTACCT command regulate the access to files within your account. This access is defined by system management and may be changed only at that level. The five access codes are: R = Read W = Write A = Append L = Lock E = Execute Next to each access code is an abbreviation for the type of user who may have that kind of access. There are six different types of users: ANY = Any user (on the system) AC = Member of this account only GU = Member of this group only AL = Account librarian only GL = Group librarian only CR = Creating user only Check the NEWACCT command information for an explanation of the user code AC. -------------------------------------------------------------------------------------------- | | | Q1-3 Use of your account has been restricted to which user(s)? | | | | | -------------------------------------------------------------------------------------------- Logon Password Files belonging to the users of an account should be protected from unauthorized personnel trying to log on to that account. You, as the account manager, can establish this protection through the use of passwords. MPE/iX allows you to enter your user, account, and group passwords either as part of your logon or in reply to a password prompt. If you enter your passwords as part of your logon, there is a chance that their security may be compromised, as the passwords will be displayed on the screen; therefore, enter your passwords in response to the appropriate prompt. When done this way, the passwords are not displayed to the screen. Listing Account Passwords If you ever forget your account password while you are logged on to your account, you can list your password by using the LISTACCT command followed by the PASS parameter. Try that now. LISTACCT;PASS
NOTE Only users with at least AM capability may list their account passwords with the LISTACCT command.
Password Security System management is responsible for setting up your account password. As an account manager, you are responsible for setting up and monitoring user and group passwords for your account. To ensure continuing security on your account, limit access to your passwords. Do not make passwords accessible or available to unauthorized users. Better yet, have user and account passwords changed on a regular basis. Avoid using names or words that are easily associated with you, such as your first, last, or middle name; a nickname; the name of your husband or wife. Users who wish to change their own user password may do so by using the PASSWORD command. The change does not become effective until the user logs off and logs back on. (Refer to Module 4, Lesson 5, "Changing User Passwords" in Fundamendal Skills.) When you will be away from your terminal for a period of time, log off, ending your session. Logging off helps ensure the security of your account files and your passwords from unauthorized users. -------------------------------------------------------------------------------------------- | | | Q1-4 Which practices identify good account security? | | | | | | a. changing passwords regularly | | | | b. not using well-known names, such as a nickname, for passwords | | | | c. protecting passwords from unauthorized users | | | | d. not entering passwords in your logon | | | | e. all of the above | | | -------------------------------------------------------------------------------------------- Lesson Summary 1. Use the LISTACCT command to list information on your account. 2. Only system management may set and change session and job limits as well as account capabilities and account passwords. 3. Account security is every user's responsibility. 4. Account capabilities are assigned by system management and may only be modified at that level. 5. No user or group within an account may have capabilities exceeding those of the account. 6. The ALTSEC command allows users to add ACD protection to the files that they own. Exercise 1-1: Lesson 1 Review. Indicate who can perform the following tasks: ------------------------------------------------------------------------------------------------- | | | | | | Task | Account | User | System | | | Manager | | Operations | | | | | | ------------------------------------------------------------------------------------------------- | | | | | | 1. List information for a user. | | | | | | | | | | 2. Set account passwords. | | | | | | | | | | 3. Change user passwords. | | | | | | | | | | 4. List account capabilities. | | | | | | | | | | 5. Show jobs and sessions | | | | | currently running on the | | | | | system. | | | | | | | | | | 6. Change account capabilities. | | | | | | | | | | 7. Use the LISTACCT command to | | | | | list the account password. | | | | | | | | | | 8. Set session and job limits. | | | | | | | | | ------------------------------------------------------------------------------------------------- ********** End of Exercise 1-1 **********
![[]](../../pic3k/M012149/FFN23c50.gif)