Oracle® Communications EAGLE Database Administration - System Management User's Guide Release 46.6 E93319 Revision 1 |
|
![]() Previous |
![]() Next |
This procedure is used to add a user to the EAGLE using the ent-user
command. This procedure can only be performed if you have been assigned the command class “Security Administration.” If the user ID does not exist in the database, the user’s characteristics cannot be changed.
Note:
This procedure can be performed on all terminals (1 - 40) if the Eagle OA&M IP Security Enhancements feature is on. If this feature is on, the entryYES
is shown for terminals 17 through 40 in the SECURE
column in the rtrv-trm
output. The output of the rtrv-ctrl-feat
command also shows if this feature is on or off. If this feature is off, this procedure can be performed only on terminals 1 through 16. If you wish to use the Eagle OA&M IP Security Enhancements feature, and the feature is not on, performActivating the EAGLE OA&M IP Security Enhancement Controlled Feature to enable and turn on this feature.The ent-user
command uses these parameters.
:uid
– The user ID to be added to the database
:all
– The user has access to all commands in all non-configurable command classes (dbg
, link
, sys
, sa
, pu
, db
).
:dbg
– The user has access to all commands in the command class “Debug.”
:link
– The user has access to all commands in the command class “Link Maintenance.”
:sys
– The user has access to all commands in the command class “System Maintenance.”
:sa
– The user has access to all commands in the command class “Security Administration.”
:pu
– The user has access to all commands in the command class “Program Update.”
:db
– The user has access to all commands in the command class “Database Administration.”
:cc1
- :cc8
– Eight configurable command classes. These parameters specified whether or not the user has access to the commands in the specified configurable command class. The value of these parameters consist of the configurable command class name (1 alphabetic character followed by 2 alphanumeric characters), and either yes or no. The command class name and the yes or no values are separated by a dash. For example, to assign a user the permission to use the commands in configurable command class db1
, the cc1=db1-yes
parameter would be specified.
To specify any configurable command classes, the Command Class Management feature must be enabled and turned on. Enter the rtrv-ctrl-feat
command to verify whether or not the Command Class Management feature is enabled. If the Command Class Management feature is not enabled or turned on, perform Activating Controlled Features to enable and turn on the Command Class Management feature. Up to 32 configurable command classes can be assigned to users. When the Command Class Management feature is enabled and turned on, the configurable command class names are given the names u01
- u32
. These command class names, the descriptions of these command classes, and the commands assigned to these command classes can be changed using Configuring Command Classes.
The ent-user
command allows up to eight configurable command classes to be assigned to the user. Perform Changing User Information to assign the other 24 configurable command classes to the user, if desired.
:page
– The amount of time, in days, that the specified user’s password can be used before the user must change their password.
If the page
parameter is not specified with the ent-user
command, the EAGLE uses the value configured for the page
parameter specified by the chg-secu-dflt
command to determine the age of the user’s password.
:uout
– The number of consecutive days that a user ID can remain active in the EAGLE and not be used. When the user ID has not been used for the number of days specified by the uout
parameter, that user ID is no longer valid and the EAGLE rejects any attempt to log into the EAGLE with that user ID.
If the uout
parameter is not specified with the ent-user
command, the EAGLE uses the value configured for the uout
parameter specified by the chg-secu-dflt
command to determine the number of consecutive days that a user ID can remain active on the EAGLE and not be used
:revoke
– Is the specified user ID in service? Any login attempts using a revoked user ID are rejected by the EAGLE. The revoke=yes
parameter cannot be specified for a user ID assigned to the security administration command class.
The words seas
or none
cannot be used for user IDs to prevent any conflict with the use of these words in the UID field of the security log. The word none
in the UID field of the security log refers to any command that was logged that had no user ID associated with it. The word seas
refers to any command logged in the security log that entered the EAGLE on either of the SEAS terminals.
This example shows an rtrv-secu-user
command output when the Command Class Management feature is enabled and turned on. If the Command Class Management feature is not enabled and turned on, the 32 configurable command classes, shown in the following example as fields U01
- U32
, are not shown in the rtrv-secu-user
command output.
An asterisk (*) displayed after the value in the PAGE
or UOUT
fields indicates that the system-wide default page
or uout
parameter values, as configured on the chg-secu-dflt
command, is in effect for the user ID.
rlghncxa03w 09-03-01 08:33:48 GMT EAGLE5 40.1.0 USER ID AGE PAGE UOUT REV LINK SA SYS PU DB DBG frodo 750 0 0 NO YES YES YES YES YES YES U01 U02 U03 U04 U05 U06 U07 U08 U09 U10 U11 U12 U13 U14 U15 U16 YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES NO U17 U18 U19 U20 U21 U22 U23 U24 U25 U26 U27 U28 U29 U30 U31 U32 YES YES YES YES YES YES YES YES YES YES YES NO NO NO NO YES USER ID AGE PAGE UOUT REV LINK SA SYS PU DB DBG manny 36 60 60 NO YES YES YES YES YES YES U01 U02 U03 U04 U05 U06 U07 U08 U09 U10 U11 U12 U13 U14 U15 U16 NO NO NO NO YES YES YES YES YES YES YES YES YES YES YES YES U17 U18 U19 U20 U21 U22 U23 U24 U25 U26 U27 U28 U29 U30 U31 U32 YES YES YES YES YES YES YES YES YES YES YES NO NO NO NO YES USER ID AGE PAGE UOUT REV LINK SA SYS PU DB DBG moe 100 30 60 YES YES YES YES YES YES YES U01 U02 U03 U04 U05 U06 U07 U08 U09 U10 U11 U12 U13 U14 U15 U16 YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES NO U17 U18 U19 U20 U21 U22 U23 U24 U25 U26 U27 U28 U29 U30 U31 U32 YES YES YES YES YES YES YES YES YES YES YES YES YES NO NO NO USER ID AGE PAGE UOUT REV LINK SA SYS PU DB DBG jack 10 30 * 30 * NO YES YES YES YES YES YES U01 U02 U03 U04 U05 U06 U07 U08 U09 U10 U11 U12 U13 U14 U15 U16 YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES U17 U18 U19 U20 U21 U22 U23 U24 U25 U26 U27 U28 U29 U30 U31 U32 YES YES YES YES YES YES NO NO NO NO YES YES YES YES YES NO
Canceling the RTRV-SECU-USER
Command
Because the rtrv-secu-user
command used in this procedure can output information for a long period of time, the rtrv-secu-user
command can be canceled and the output to the terminal stopped. There are three ways that the rtrv-secu-user
command can be canceled.
F9
function key on the keyboard at the terminal where the rtrv-secu-user
command was entered.canc-cmd
without the trm
parameter at the terminal where the rtrv-secu-user
command was entered.canc-cmd:trm=<xx>
, where <xx>
is the terminal where the rtrv-secu-user
command was entered, from another terminal other that the terminal where the rtrv-secu-user
command was entered. To enter the canc-cmd:trm=<xx>
command, the terminal must allow Security Administration commands to be entered from it and the user must be allowed to enter Security Administration commands. The terminal’s permissions can be verified with the rtrv-secu-trm
command. The user’s permissions can be verified with the rtrv-user
or rtrv-secu-user
commands.For more information about the canc-cmd
command, go to Commands User's Guide.
Figure 4-6 Adding a User to the System
Sheet 1 of 2
Sheet 2 of 2