Subject: | |
From: | |
Reply To: | |
Date: | Fri, 14 Sep 2001 04:45:26 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Raymond Familar wrote:
>
> Audit had a number of issues with the product. One issue was that the
> security group had set up SecMon to log the use of NEWUSER and ALTUSER.
> That seems reasonable, but that also means that the password is recorded in
> the log in plain text. Yes, the user should change their password once
> they use that initial login, but there is no way to ensure that happens.
I am sorry to hear you/the auditors are unhappy with our product.
I am also sorry to understand that maybe our product manuals are
not clear enough to help you understand that what you are trying
to achieve is indeed possible :
:newuser testsec.neumann;home=pub;pass=abcdefg;USERPASS=REQ,EXPIRED
:hello testsec.neumann
CPU=1. Connect=1. FRI, SEP 14, 2001, 10:53 AM.
ENTER ACCOUNT (NEUMANN) PASSWORD:
ENTER USER (TESTSEC) PASSWORD: <abcedfg>
USER PASSWORD HAS EXPIRED
ENTER NEW USER PASSWORD: <abcdefg> just to check it
works correctly :-)
New PASSWORD must be different from old password. (CIERR 2528)
ENTER NEW USER PASSWORD:
ENTER NEW USER PASSWORD AGAIN:
PASSWORD WAS CHANGED SUCCESSFULLY.
> HP wasn't much help with the SecMon. When we called to open an SR on that
> issue, the techs had no real knowledge of the product. I was told that
> they are using security/3000. Now we are moving to security/3000 after
> going PROD. Yes, lots of fun. My recommendation is to go with
> security/3000 and save yourself some headaches.
I am equally sorry to hear that HP was not much help.
Though it is true that SecurityMonitor/iX is probably
not as widespread used as some other vendors offerings,
I must say that I feel a bit embarassed that it took me
only 15 minutes to lookup the manuals and a few tests
to find the above working, and , if I understand you correctly,
the solution to your issue.
http://www.docs.hp.com/mpeix/onlinedocs/32650-90498/32650-90498.html
is where I looked in the
"Managing System Users with Passwords and Logon Restrictons" chapter.
I hope this helps,
Goetz.
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|
|
|