Jeff Kell ([log in to unmask]) wrote:
> I just noticed something... on 5.0 you cannot remove a user's home group!
>
> I've used this traditional "feature" (no home group) to enhance security
> on critical accounts (if you password all groups, then a logon can
> require three passwords).  But you can't do this anymore.
>
 
SR# 5003158394 was submitted for this problem, first identified by our
friends at VESOFT.
 
Steve Elmer documented a possible workaround of assigning a
non-existent group as the HOME. While this seems to work (the ALTUSER
command does not complain and the homegroup is changed) it does not
seem to work as a workaround. If you try to logon as a user whose
homegroup does not exist you will get the following error:
 
    Account/user exist.  Group name doesn't. (CIERR 1436)
 
This will, however, just like having no homegroup, force the user to
supply a group name. I guess maybe, in retrospect, it does work as a
workaround.
 
I first tried this from a 9000 workstation to a 5.0 PRE-PUSH
machine and it dropped my connection entirely, which I found rather
unfriendly and so I hesitated in qualifying it as a workaround. When
I tried it via a serial connection and a VT from another 3K, it worked
as above; giving me the error and allowing me to issue another logon
command specifying a groupname.
 
Hope this helps.
 
--
                            --Pete Crosby
 
************************************************************************
* "Arguing with an Engineer is like mud-wrestling a pig. Pretty soon   *
*  you realize the pig likes it"  -author unknown                      *
*                                                                      *
*  Note: my comments are my own and do not reflect the views of my     *
*        employer or necessarily anyone else.     [log in to unmask]       *
************************************************************************