Notes

1. Any TAS user can create a password, but only the superuser root can delete passwords. When the superuser deletes a user's password for a realm, the user does not have access to that realm. Only the superuser can reinstate a deleted password for a realm.

2. Users can create or modify their own passwords. If a user has different passwords for different realms, an error message appears when the user tries to change the password across all realms simultaneously.

3. When a user changes a password, the system prompts for the old password, the new password, and re-entry of the new password. The system does not prompt for the existing password when the superuser modifies or deletes the password of a TAS user.

4. You can configure a null password by entering a carriage return at the password prompt.

5. When you set the client-encryption attribute to on, only users who have entries in the TAS password file can access TAS realms. When you set client-encryption to off, only users who have entries in the UNIX password file can access TAS realms.

6. When you delete a TAS password, you do NOT delete the corresponding DCE and UNIX passwords.

7. In Distributed Computing Environment (DCE), TAS regards DCE as a TotalNET realm, along with NB, NW, AT, and UNIX. This provides a way of synchronizing the passwords of all realms, including DCE if it exists on the server. When changing a DCE user's password, you should use one password for all supported realms--NB, NW, AT, UNIX, and DCE. To change a DCE password entry, you must use tnpasswd to define -r DCE. Defining -r DCE only changes the DCE password. If you do not define the DCE realm, the TAS system changes the password for all realms except DCE. You cannot create or delete DCE user names and passwords with this command. Use the DCE administration interface to administer DCE passwords externally.