LISTSERV - HP3000-L Archives

HP3000-L Archives

July 2001, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L July 2001, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Setup security within an account?
From:	Russ Smith <[log in to unmask]>
Reply To:	[log in to unmask][log in to unmask]
Date:	Thu, 5 Jul 2001 09:02:35 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (66 lines)

Carl,

Here's a really ugly idea.  Maintenance would be a pain, but how about a
script that checks a file that lists the userid and the groups to which they
have access (or to which they are denied) and sets a variable determining
whether or not the group specified in a CHGROUP command is acceptable.  Set
a UDC to replace CHGROUP and apply the test before allowing the move.  Set
all your groups to ACCESS=(R,L,X,A,S,W=GU,AL).  You will have to add
something to your logon script to force people into specific groups at
logon.  It's not pretty, but it should work.

Hope this gives you some ideas,
Rs~




Russ Smith, Systems Consultant
Problem Solved, Credit Union Consulting Services
183 Butcher Road, Suite B
Vacaville, CA  95687
707.451.2611, voice
707.447.2918, fax
r s m i t h @ c u - h e l p . c o m
h p 3 k l @ e - 3 0 0 0 . n e t



-----Original Message-----
From: HP-3000 Systems Discussion [mailto:[log in to unmask]]On
Behalf Of Carl McNamee
Sent: Thursday, July 05, 2001 6:09 AM
To: [log in to unmask]
Subject: [HP3000-L] Setup security within an account?


Oh, boy.  I've been tasked to see if a particular setup for security within
an account is possible.  We are interested in restricting certain users to
certain groups within an account.

Here is an example.  The account PRODUCTION (I know it has more that 8
characters, go with me here.  I'm not in a really creative mood this
morning! ) has four users and five groups (users = OP, JOE, JANE, JERRY;
groups = PUB, PROG, JERRY, JOE and JANE).
OP - has access to all the groups on the account (the wonderfull AL
capability!).
JOE - has access to the groups PROG and JOE.
JANE - has access to the groups PROG, JOE and JANE.
JERRY - Only has access to the groups JOE and JERRY. (Jerry is a manager so
no one trusts him with the production stuff!).

Is this type of setup possible?  I've scratched my head and looked through
the manuals and have not figured out a way to do it.  Thoughts?  Comment?
Commentary?

Carl McNamee
Systems Administrator
Billing Concepts
(210) 949-7282

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU