Hello Friends, RE: Creating an "FTP only" user ----------------------------------------Costas Anastassiades writes-- I wanted to set up a user just for FTP. The user will have a password but since all FTP clients will logon using this user, the password won't be the best kept one. So I didn't want the user to be able to access the system prompt or execute any other command should someone get clever and actually logon as a normal session. This is what I came up with. -create a new user with SF, IA and a specific HOME group -assign him a UDC which has OPTION LOGON and NOBREAK and which PAUSES for say 5 minutes (more than enough FTP time for my needs) and then issues a BYE ----------------------------------------Costas Anastassiades writes-- Yes, this works with out the pause... I never cease to be amazed by the creative solutions and tricks I learn out here on 3000-L //:+) --------------------------------------------------Tom Genute writes-- Note that I don't think this method will work with MPE/IX 6.0. FTP doesn't create a session under 6.0 and can't even be trapped by VESOFT's Security/3000. This has created a big security hole. The only way to find out who is logged on to the FTP server is: LISTFILE FTPSRVR.ARPA.SYS,8 (or ,9) --------------------------------------------------Tom Genute writes-- Yes, this "UDC OPTION LOGON / BYE" method does work on MPE/iX 6.0 & 6.5. You still have to have a valid MPE logon user.account for FTP/iX on 6.0 & 6.5. I tested and verified it works on my machines. Another note: VESOFT was relying on a invalid MPE logon syntax that supported their ability to "hook" into FTP on MPE/iX 5.5 and previous. This stopped working when FTP/iX on 6.0 performed greater syntax checking. The FTP/iX syntax checking has since been "relaxed" on MPE/iX 6.0 to once again allow VESOFT the ability to hook their security product into FTP. This change was the ability to specify a PASSWORD on the SESSION name in a logon. Example: Hello YOURNAME/password,MANAGER.SYS ********* This is invalid Syntax to MPE, but was the hook that VESOFT was using on MPE/iX 5.5 and prior to pass a password into their FTP security software. This "relaxed" syntax checking is available in patch: SR: 5003-458612 FROM: FTPFDH3 6.0 GENERAL RELEASE Enhancement to USER command to allow session passwords for VESOFT. I hope this helps. Regards, James Hofmeister Hewlett Packard Worldwide Technology Network Expert Center P.S. My Ideals are my own, not necessarily my employers.