HP 3000 Manuals HP 3000 Manuals
HP Desk System Level Security
This section describes the precautions which you can take to ensure
security within your HP Desk system.
Capability Groups
The security of your HP Desk system depends on what capabilities the
people who use it have. By assigning users to one or more capability
groups, you can define which script files, abbreviations, and so on they
can use and what, if any, administrative capabilities they have.
There are two classes of capability groups which exist in HP Desk. Those
which have been defined by Hewlett-Packard and those which you define
yourself. Defining capability groups and assigning users to either user
defined or Hewlett-Packard defined groups are covered in Chapter 9
and in Chapter 12 .
User defined groups do not exist in HP Desk until you specify them. You
can use them to reflect the existing structure of privileged groups
(Personnel and Payroll, for example) within your organization. These
groups do not have any predefined capabilities. These depend on which
script files, abbreviations, and Help screens you allow the group to use.
The groups defined by Hewlett-Packard, on the other hand, are only
meaningful within the context of HP Desk They already have capabilities
defined for them so you can assign those people within your organization
who have the necessary skills to use them. The capability groups only
deal with administration tasks which can be performed from the HP Desk
user interface. They do not relate to utilities such as Passedit.
These are the nine groups which are currently defined by Hewlett-Packard
together with examples of people you might assign to them:
Group 1 : The default group which all HP Desk users belong to.
ALL
Group 2 : The HP Desk Administrator for your site.
Systemadmin
Group 3 : Members of sensitive groups within your organization who
Localadmin are responsible for the day to day configuration of those
groups.
Group 4 : People who need to be able to install, remove and read
ScriptInstall script files.
Group 5 : The person who you delegate the task of updating your
Publiclists site's Public Distribution Lists to.
Group 6 : The person who you delegate the task of looking after
Noticeboard your site's Notice Board to.
Group 7 : A writer or trainer who you delegate the task of
HelpInstall customizing the on-line Help system to.
Group 8 : The data communications expert at your site.
Networkadmin
Group 9 : A user who can install and remove forms.
FormInstall
You can define the other groups yourself. These might be workgroups
using highly specialized script files (such as Research and Development)
or groups of people who have access to sensitive information (such as
Payroll or Personnel).
Using the Capability Groups
The user MGR.HPOFFICE in the MAILDB group is a member of all of the
capability groups defined by Hewlett-Packard. They are also a member of
any user groups subsequently defined for your organization, and have the
power to pass any of these capabilities onto other users. Given the
far-reaching powers of MGR.HPOFFICE, the number of people who can log on
as this user should be severely restricted, ideally to just the System
Manager.
As MGR.HPOFFICE you can assign whoever is to be your HP Desk
Administrator to the Systemadmin group. They implicitly become a member
of all of the capability groups defined by Hewlett-Packard but only a
member of those customer defined groups to which they are assigned by
MGR.HPOFFICE. Furthermore, they can only make another user a member of a
group, whether defined by Hewlett-Packard or by yourself, if they are
explicitly assigned to it themselves. However, under no circumstances
can a Systemadmin user pass on Systemadmin capabilities to other users,
or modify their own or any other Systemadmin user's capabilities. This
means that MGR.HPOFFICE can decide how powerful any Systemadmin user is
by specifying which user groups they belong to or which administration
capabilities they can pass onto other users.
Your organization might not want the HP Desk Administrator to belong to a
certain capability group because that would allow access to script files
which might contain passwords to confidential files. Instead you can
give a member of the department Localadmin capabilities. A Localadmin
user is responsible for the day to day configuration of their own group.
They can add or modify users and give them any of those user capabilities
which they have been given explicitly themselves. They cannot modify
their own or any other Localadmin user's capabilities, neither can they
create a user who has more access capabilities (MAIL, COPY, MPE and so
on) or higher disk space limits than they possess themselves.
Assigning an existing member of potentially sensitive groups such as
Payroll or Personnel as a Localadmin user to handle their day to day
configuration means that the HP Desk Administrator does not need to be
made a member of those groups.
If you make the Localadmin users members of the ScriptInstall group too,
the HP Desk Administrator will not need to be able to read, install or
delete script files used by these groups.
If your HP Desk system is part of a larger network, your organization may
have a datacomm expert who takes care of the links between the computers
in the HP Desk network. If so you can assign this person to the
Networkadmin group. They can then make changes to the routes to any of
the configured mailnodes.
The other three groups represent areas of responsibility which you might
want to delegate to other people in your organization. If you have a
training specialist you can make them members of the HelpInstall group.
They will then be able to customize the HP Desk on-line Help system.
Publiclists and Notice Board allow users to perform administrative tasks
in these areas. This means you can assign someone the job of looking
after the Notice Board and updating the Public Distribution Lists. As an
Administrator, you will also be able to delete from the Notice Board and
Public Distribution Lists, but you must log on to GENERAL DELIVERY for
the appropriate mailnode to do so.
If you make a user a member of the ScriptInstall group, they can read,
install and remove script files and abbreviations in any group which they
are a member of. Users do not need to be a member of this group to run
script files.
If you make a user a member of the FormInstall group, they can install
and remove forms in any group of which they are a member.
Consider the Pharaoh Company's manufacturing plant in Liverpool (MANF3).
Three departments are currently on HP Desk: Administration, Production
Control and Purchasing. As these departments use different script files
and perform different functions, a capability group has been defined for
each one. It was decided that the HP Desk Administrator, Angela Burgess,
should not be a member of the Administration group because they use
script files containing passwords to confidential files. Therefore, a
member of the Administration group capability group, Heather Callender,
was given Localadmin and ScriptInstall capabilities. Neither of
the other two departments use confidential information, so it
wasn't necessary to assign Localadmin users to replace the HP Desk
Administrator.
The following people are configured as HP Desk users:
Graham Dalton, System Manager (MGR.HPOFFICE)
Angela Burgess, HP Desk Administrator (Systemadmin)
Administration Production Control Purchasing
Sublocation (/AD) Sublocation (PH/) Sublocation (/PH)
---------------------------------------------------------------------------------------
Heather Callender Julia Seagrove David Coverdale
(Localadmin)
Colin Leech James Pemberton Emma Kendal
Sarah Wallace David Webb
---------------------------------------------------------------------------------------
They would be members of the following capability groups:
User MGR.HPOFFICESystemadmin Localadmin Scrip AD PH PH
tinstall
-----------------------------------------------------------------------------------------------
Dalton * * * * * * *
Burgess * * * * *
Callender * * *
Leech *
Wallace *
Seagrove *
Pemberton *
Webb *
Coverdale *
Kendal *
-----------------------------------------------------------------------------------------------
As Angela Burgess is not a member of the Administration capability group,
she can not perform administration tasks in that group. Heather
Callender can only use her Localadmin and ScriptInstall capabilities in
the Administration group of which she is a member.
The table below summarizes which capabilities users in the
Hewlett-Packard defined capability groups can pass on to other users:
User
MGR.HPOFFICE Systemadmin Localadmin Networkadmin Others
-----------------------------------------------------------------------------------------
Capabilities
Access (Mail
Read, etc) U C C - -
Disk Usage U C C - -
Limits
EVERYONE This capability is passed on by default
Systemadmin U N N - -
Localadmin U C N - -
Public Lists U C N - -
Noticeboard U C N - -
HelpInstall U C N - -
FormInstall U C N - -
User defined
groups U C C - -
Change U C C - -
Passwords
-----------------------------------------------------------------------------------------
U Means that the user can pass on this capability unconditionally.
C Means that this user can only pass on this capability if they
have been given it explicitly. Furthermore, they cannot give
another user a higher disk space limit than their own.
N Means that this capability cannot be passed on.
- Means that this user does not have this capability.
The table below summarizes which HP Desk utilities users can use:
User
MGR.HPOFFICE Systemadmin Localadmin Networkadmin
MAILDB
-----------------------------------------------------------------------------------------
Utility
Mailconfig Yes Yes Yes Yes
Mailutil Yes No No No
Mailedit Any user can use this utility
Passedit Yes No No No
Remote Directory
Update Yes Yes No No
-----------------------------------------------------------------------------------------
Only MGR.HPOFFICE,MAILDB has the power to run the Configurator from
outside HP Desk. A user who is a member of the Systemadmin capability
group can run the Configurator from inside HP Desk and has access to all
of the screens. A user who is a member of either the Localadmin or
Networkadmin capability groups can also run the Configurator from inside
HP Desk but only has access to a limited number of screens.
The table below summarizes what configuration tasks can be performed by
users in the Hewlett-Packard defined capability groups. Remember that
capability groups only relate to operations which can be performed from
the HP Desk user interface. For example, only MGR.HPOFFICE,MAILDB can
change passwords using the Passedit program.
User MGR.HPOFFICE Systemadmin Localadmin Networkadmin Others
-----------------------------------------------------------------------------------------
Function (Central) (Central) (Local) (Central)
-----------------------------------------------------------------------------------------
Operation
Local Users Yes Yes Yes No No
Remote Users Yes Yes No No No
Directory Menu Yes Yes No No No
Network Menu Yes Yes No Yes No
System Menu Yes Yes No No No
Resources/
Resource Yes Yes Yes No No
Classes
Remote Updates Yes Yes No No No
-----------------------------------------------------------------------------------------
Securing EFT andFSC Messages
Once messages leave the HP Desk database, they immediately become less
secure. If you decide to allow Private messages to pass through a
gateway, you may secure these messages by stipulating that they be stored
in a privileged file. This ensures that transient messages are as secure
as the contents of the database itself.
If you decide to use privileged files to store outgoing message and
content files, then the external applications which process them must
have privileged capabilities. See the manual MPE Intrinsics for details
of how privileged files are handled. The external application will also
need to specify the correct file code to open a privileged file. The
file codes for the files output from HP Desk are shown in HP DeskManager
Customization.
The EFT and FSC trucks have been written to handle both normal and
secured files so privileged message and content files can be received by
HP Desk.