HP Sentry manual

Contents

Page Page USING THIS GUIDE Intro USING THE SCREENS INSTALLING SENTRY Page <RETURN <ESC " (quotes) TCL Page Repaint Backup Escape XEQ HELP Underscore/underline Field numbers Change a field Deleting a field pwd mv sentry sentry.old cpio -icvBdum < /dev/xxx ./install bin uniVerse /… /uv/bin UniData Figure 1 - Main Menu Figure 2 sentry udt piopen LOGTO sentry Figure 3 SENTRY is currently being run by user n “You must be a super-userto use SENTRY!” The SENTRY Main Menu Upload User and Group Profiles from UNIX Create Database from File System Validate the User Profile Database Page Figure 4 HELP <RETURN Reports Menu Page 1.Database Creation and Validation Menu 1.0 DATABASE CREATION AND VALUDATION MENU Page 1.1 UPLOAD USER AND GROUP PROFILES FROM UNIX SENTRY.DB.LOAD (BATCH) 1.2 CREATE DATABASE FROM FILE SYSTEM 1.3 VALIDATE THE USER PROFILE DATABASE Enter “OK” to start the validation or “<ESC>“ to exit Do you want to print missing password messages?(Y/N) or <ESC> to exit: FATAL! User “USER.ID” does not have a password in the SENTRY database “User XXXXX not on the SENTRY.USERS file.” “User XXXXX does not have a password in the SENTRY database.” “Password for User XXXXX is less than N characters.” “User XXXXX has no home directory.” “User XXXXX has an invalid home directory - /ZZZZZ.” “Group XXXXX is not on the SENTRY.GROUPS file.” “Group (GID) XXXXX on /ZZZZZ does not exist.” “Command /VVVVV does not have any groups or users assigned.” “User (UID) XXXXX on command /VVVVV does not exist.” “Group (GID) XXXXX on command /VVVVV does not exist.” Problems found during validation, See Validation Report for Details Page Page 2.Database Maintenance Menu 2.0 DATABASE MAINTENANCE File System Database Commands DELETE User Defined Items 2.1 SYSTEM PROFILE MAINTENANCE Null Passwords Allowed Minimum Password Length Maximum Password Length Enable Custom User Attributes: Password Format Mask passwd File Order group File Order User & Group Case LIT Minimum user ID Length Maximum GID Number Default Startup Command Maximum Command Length Maximum Startup Path Length wtmp Valid Days Old “<ESC HELP Custom User Default Maintenance – SUN Figure 13 Minimum password change (days): Maximum password change (days): Password change warning (days): Maximum inactive time (days): Expiration date (MM/DD/YY): 2.2 USER MAINTENANCE @long Department Telephone Password UID @long Home Directory Command Enter field number, “C”ustom, “F”ile, “DEL”ete or <ESC> to exit Figure 15 Page DEL Are you sure you want to delete the entire record(YES/NO) YES Figure 16 Figure 17 Change ownership of these files to another user Figure 18 Figure 19 Do not delete this user 2.3 GROUP MAINTENANCE Enter field number, “F”ile, “DIS”play users, “DEL”ete or <ESC> to exit Do you want to update the UNIX group file (Y/N) DIS Figure 21 Figure 22 Figure 23 Continue to delete the group/leave files as they are Change ownership of these files to another group Figure 24 Figure 25 Do not delete this group 2.4 FILE SYSTEM Figure 27 EXP Enter name for cross reference: Figure 28 Detailed File View Figure 29 Last Access: Last Modify: Last Change: Owner Enter the user to be the file owner Group Permissions r - read permission w - write permission x - execute permission ACLs Maintenance Page Page More File Manager Views Page Figure 31 Enter the group name or GID to view (@ for X-ref): 2.5 COMMAND MAINTENANCE 5. Database Commands Command Maintenance Account Name VOC Command Subroutine - Execute from inside a program only - Both use at database prompt and from within a program - Unlimited use - No use “@ name” Enter Field Number, "F"ile, "DEL"ete or <ESC> to Exit: Enter Line # of Groups (or Users) (1-N) "A"dd, "F"orward or "B"ack Page Enter line # of Group (or User) 2.6 USER ITEM PROTECTION MAINTENANCE 6. User Defined Items User Item Protection Maintenance ACCOUNT NAME SENTRY.USER.ITEMS User Item Name Rights @name Page "A"dd, "F"orward or "B"ack Page: 3.Reports Menu 3.0 REPORTS MENU Command Protection Access Violations 3.1 SYSTEM PROFILE REPORT Enable Password Aging Password Life Default Password Format Mask Page Page Page 3.2 USER PROFILES GID Name Supplementary Groups Login Shell or Command 3.3 GROUPS REPORT GID for Users 3.4 ACCOUNT PROTECTION REPORT Group Name & Rights User Name & Rights 3.5 COMMAND PROTECTION REPORT Page 3.6 ACCESS VIOLATIONS REPORT Violation Item 4.Utilities Menu 4.0 UTILITIES MENU Rebuild SENTRY Cross Reference Files Update Protected Commands to Account VOC Files 4.1 VOC PROTECTION SETUP 4.2 PUGING THE VIOLATIONS LOG Page 4.3 PASSWORD CREATION Page User Names “Enter field number, “OK” to begin ...” User Profiles Do you wish to update passwords immediately Enter “OK” when you are ready to begin generating new passwords 4.4 REBUILD CROSS REFERENCE FILES 4.5 UPDATE PROTECTED COMMANDS Page SENTRY INTERNAL SUBROUTINES Subroutine: SENTRY.ENCRYPT DATA ENCRYPTION Subroutine: SENTRY.USER.ITEM.CONTROL ERROR.TEXT = “””” USER.ITEM (Input) ITEM.FOUND (Output) ACCESS.RIGHTS (Output) ERROR.TEXT (Output) Page Subroutine: SENTRY.VIOLATION.STAMP Page Page SENTRY KEY BINDINGS NOTE : DO NOT