HPlogo Commands Reference HP 3000 Series 9X8LX Computer Systems > Chapter 2 MPE/iX Commands

NEWACCT
» 

Technical documentation

Complete book in PDF
» Feedback

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

The NEWACCT command enables a system administrator to create a new account and assign one person as the manager of the account.

Syntax



   NEWACCT acctname,mgrname

   [;PASS=[password]][;CAP=[capabilitylist]]

   [;ACCESS=[(fileaccess)]]  [;GID=[(gid)]]  [;UID=[(uid)]]

Parameters

acctname

Specifies the name to be assigned to the new account. This name must contain from one to eight alphanumeric characters, beginning with an alphabetic character.

mgrname

Specifies the name of the person to manage the account. This could be the same name as the system administrator or another user. To avoid assigning the wrong capabilities to general users, the system administrator should use this parameter for only one account manager. The system administrator should use the NEWUSER command to assign additional users to the account.

The default for this user is that no password is assigned, and capabilitylist is the same as the account capability.

The system administrator can later change the attributes of an account manager by using the ALTUSER command.

PASS

Specifies the account password, only used for verifying logon access. This password must contain from one to eight alphanumeric characters, beginning with an alphabetic character. The default is that no password is assigned.

CAP

Specifies the list of capabilities permitted for this account. Each capability is indicated by a two-letter mnemonic, separated by commas, as follows:



   SM  =  System manager

   AM  =  Account manager

   AL  =  Account librarian

   GL  =  Group librarian

   DI  =  Diagnostician

   OP  =  System supervisor

   NA  =  Network administrator

   NM  =  Node manager

   SF  =  Save files

   ND  =  Access to nonshareable I/O devices

   UV  =  Use volumes

   CV  =  Create volumes

   CS  =  Use communication subsystem

   PS  =  Programmatic sessions

   LG  =  User logging

   PH  =  Process handling

   DS  =  Extra data segments

   MR  =  Multiple RINS

   PM  =  Privileged mode

   IA  =  Interactive access

   BA  =  Batch access

The defaults are AM, AL, GL, SF, ND, IA, and BA.

ACCESS

Specifies the restriction on file access pertinent to this account. Valid syntax options are as follows:



   {R

    L

    A

    W

    X} [,...]: {ANY

                AC} [,...]

where R, L, A, W, X specify modes of access by types of users (ANY, AC, GU, AL, GL) and are defined as follows:



   R   =   Read

   L   =   Lock (exclusive file access)

   A   =   Append (implies L)

   W   =   Write (implies A and L)

   X   =   Execute

The user types are defined as follows:



   ANY =   Any user

   AC  =   Member of this account only

The default is no security restrictions at the account level. You can specify two or more user or access types if you separate them with commas.

Operation Notes

  • Usage

    You can enter this command from a session, a job, a program, or in break mode. Pressing Break does not affect this command.

    You must have system manager (SM) capability in order to use this command.

  • Creating the account structure

    The system administrator creates accounts and designates someone to manage the accounts, called the account manager. As an account manager, you can log on and redefine your own attributes and PUB groups. You can can also define new users and groups.

    The capabilities and attributes that the account manager assigns to groups and users cannot exceed those assigned to the account itself by the system administrator. For example, if the system administrator does not assign the account extra data segments (DS) capability, no users in the account have DS capability, which prohibits them from linking programs that use extra data segments.

  • PUB group

    The PUB group is initially assigned the same capability class attributes, permanent file space limit, CPU limit, and connect-time limit as the account, but without a password. Its initial security allows read (R) and execute (X) access to all users who successfully log on to the account, and append (A), write (W), lock (L), and save (S) access to the account librarian (AL) and group users (GU) only. These access provisions are as follows:

    

   R,X:ANY;A,W,L,S:AL,GU

  • Parameter omissions

    When you specify a parameter but omit its corresponding value (as in ACCESS= Return), the default value for the parameter is assigned (in this case, R,L,A,W,X:AC). The default is also assigned when you omit an entire parameter group (such as ACCESS=fileaccess).

Example

  • To create an account with the account name ACI, the account manager name MNGR, and read privileges for any user, enter:

    

   :NEWACCT ACI,MNGR;ACCESS=R:ANY

Related Commands



   ALTACCT

   ALTUSER

   LISTACCT

   NEWGROUP

   NEWUSER


LISTUSER
  		 


NEWDIR  
Feedback to webmaster