HP 3000 Manuals

Displaying Security Information [ Manager's Guide to MPE/iX Security ] MPE/iX 5.0 Documentation

Manager's Guide to MPE/iX Security

Displaying Security Information 

The following command is used to display the status of account attributes
and security provisions for files and devices.

You can display account attributes by entering the MPE/iX command
:LISTACCT.

     >LISTACCT [acctset] [,listfile] [;PASS]

       where acctset specifies the name of an account, ,listfile 
       specifies a device that will receive the output listing, and ;PASS
       specifies that the password will be displayed.  If an unauthorized
       user enters ;PASS, asterisks (*) are displayed in place of
       sensitive information.  The listing will include information on
       the password aging values if appropriate and all of the relevant
       details.

To list all of the attributes, including the password, of an account
named MARKETS, enter:

     :LISTACCT MARKETS;PASS



NOTE  The MPE/iX commands that display passwords (:LISTUSER, :LISTGROUP,
      and :LISTACCT) will not display passwords when they are in
      encrypted form.



Discussion 

The three listing commands are:

   1.  :LISTACCT lists account attributes.

   2.  :LISTGROUP lists group attributes.

   3.  :LISTUSER lists user attributes.

   *   A System Manager (SM capability) can specify any account, group,
       and user on the system.

   *   An Account Manager (AM capability) can specify any group or user
       in his or her logon account.

   *   Information about passwords can be examined according to the
       following rules:

          *   The password is displayed when ;PASS is specified by the
              System or Account Man ager in the following way:

                   LISTUSER MGR;PASS

          *   The password state (*ENCRYPTED*, REQUIRED and EXPIRED) are
              displayed when ; PA SS and ;FORMAT=DETAIL are specified by
              the System or Account Manager in the foll owing way:

                   LISTUSER MGR;PASS;FORMAT=DETAIL

          *   The password aging value is displayed when ;FORMAT=DETAIL
              is specified by all users in the following way:

                   LISTUSER MGR;FORMAT=DETAIL

   *   Only System and Account Managers can use wildcard characters (#,
       ?, and @) when specifying group names.  Any user can use the
       character @ when specifying file names.

   *   Only System Managers can use wildcards when specifying account
       names.

MPE/iX 5.0 Documentation