FERRET and the user authorization file (SYSUAF.DAT)
This chapter discusses the SYSUAF.DAT and its relationship with FERRET.
The User Authorization File ( SYSUAF.DAT) is an OpenVMS system file containing important information on every user who is authorized to gain access to the system. Each SYSUAF.DAT record contains the username, password, UIC, privileges and additional information.
It is normally maintained by the OpenVMS utility AUTHORIZE.
It can be read in either user name or UIC sequence.
Typically, there is one record in the UAF for each user that can access the system. There is a record with the user name "DEFAULT" which contains default values used during the creation of new accounts. There are special accounts such as SYSTEST, SYSTEST_CLIG and FIELD for use by Digital personnel.
FERRET can list every item in the UAF except passwords and modify every item except the following:
the primary and secondary password encryption algorithms
the SALT value
the user name
SYSUAF.DAT access
For reporting including auditing and difference checking, FERRET needs read_only access to the file. For modifications and copying, it needs write access. FERRET opens the file shared. Only the current record (not the entire file) is locked during updates.
For more complete information about the User Authorization file refer to the OpenVMS AUTHORIZE manual.
Files you need to use FERRET
This chapter shows you how FERRET and OpenVMS files are used and the amount of disk space they require.
FERRET directory structure
The FERRET directory contains all executables, objects, documentation and command procedures. Here is its structure:
[FERRET
.CDU] Command Definition
.COM] DCL Command Procedures
.DAT] Data Files
.DEF] Include Files, SOURCE licenses only
.DOC] Documentation and HELP text
.EXE] Executables
.LIS] Compile Listing Files, SOURCE licenses only
.MAP] Compile Map Files, SOURCE licenses only
.MSG] Error Message text and object
.OBJ] Object Library
.SRC] FORTRAN Source, SOURCE licenses only
It requires 3500 blocks. If you have source, that directory requires an additional 3000 blocks.
SYSUAF.DAT
FERRET reads information from and writes information to the OpenVMS System User Authorization File. Refer to the chapter "FERRET and the OpenVMS user authorization file (SYSUAF.DAT)" for more information.
Logicals you need to use FERRET
This chapter shows you the logicals that FERRET uses and how to define them.
To use FERRET, you must define several logicals. Here is a description of each logical that may be defined on your system.
FERRET_CDU - This logical points to the [FERRET.CDU] directory. It is used to access the FERRET command definition table. FERRET_CDU is optional.
FERRET_COM - This logical points to the [FERRET.COM] directory. It is used to access FERRET DCL command procedures. FERRET_COM is optional.
FERRET_DAT - This logical points to the [FERRET.DAT] directory. It is used to access the data files and command procedures for mailing. It must be defined in the system logical table. FERRET_DAT is required.
FERRET_DOC - This logical points to the [FERRET.DOC] directory. It is used to access the screen interface help files. It must be defined in the system logical table. FERRET_DOC is required.
FERRET_EXE - This logical points to the [FERRET.EXE.VAX] or the [FERRET.EXE.AXP] directory. It is used to access the FERRET executables. It must be defined in the system logical table. FERRET_EXE is required.
FERRET_PASSWORD - This logical points to the FERRET_PASSWORD.DAT file in [FERRET.DAT] directory. It is used to access the list of poor passwords. It must be defined in the system logical table. FERRET_PASSWORD is required.
FERRET$NOHEADER - This logical suppresses headers on FERRET reports. It must be defined in the system logical table. FERRET$HEADER is optional.
SYS$LP_LINES - This logical controls how many lines FERRET reports on a single page. The default value, if this logical is not defined, is 60.
SYSUAF - This logical points to the UAF file. The default definition is "SYS$SYSTEM:SYSUAF.DAT". Note that this is a logical defined by OpenVMS rather than a FERRET logical.
FERRET_ELEVATED - This logical can be used to redirect FERRET to a different file and/or location for the list of privileges that should considered elevated.
You can define the basic logicals that FERRET requires by typing:
$ @SYS$MANAGER:FERRET_SYSTEM_LOGICALS.COM
Any additional logicals should be defined in the FERRET_SITE_LOGICALS.COM procedure.
This command procedure is new with V4 and allows you to place site specific logicals in a file that will not be replaced during future upgrades. It is executed by the FERRET_STARTUP.COM procedure.
Privileges you need to use FERRET
This chapter shows you the privileges you need to do various FERRET operations.
FERRET requires the following privileges to run:
 |
• SYSPRV |
|
• TMPMBX |
|
• NETMBX |
You can acquire all necessary privileges by typing:
$ @FERRET_COM: SET_PRV.COM