4.361 ent-user

Use this command to add a user to the database. When you first enter the command, the system prompts you for the user’s password, which must follow the administered password guidelines. For security reasons, the password is not displayed. After successfully entering a user password, you are prompted to verify it by entering it again.

Parameters

Note:

Allcc(X)parameters consist of a configurable command class name (ayy), and indicator (-yesor-no) to specify whether the command class is allowed. A value ofayy-yesindicates that the value is allowed. A value ofayy-noindicates that the value is not allowed.
uid (mandatory)
User ID
Range:
azzzzzzzzzzzzzzz

1 alphabetic character followed by up to 15 alphanumeric characters (including asterisks, single quotes, and commas)

all (optional)
This parameter specifies whether the user ID is assigned all non-configurable command classes (LINK, SA, SYS, PU, DB, DBG, LNP).
Range:
yes
no
Default:
no
cc1 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy—Command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed

yes —the command class is not allowed

cc2 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy—Command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed

yes —the command class is not allowed

cc3 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy —Command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed

yes —the command class is allowed

cc4 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy—Command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed

yes —the command class is allowed

cc5 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy—Configurable command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed

yes —the command class is allowed

cc6 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy—Configurable command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed

yes —the command class is allowed

cc7 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy—Configurable command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed

yes —the command class is allowed

cc8 (optional)
Configurable command class name and an indicator to specify whether the User ID can enter commands assigned to the specified command class.
Range:
ayy-yes, ayy-no

ayy—Configurable command class name of 1 alphabetic character followed by 2 alphanumeric characters

no —the command class is not allowed.

yes —the command class is allowed

db (optional)
Access to all commands in command class Database Administration.
Range:
yes
no
Default:
no
dbg (optional)
Access to all commands in command class Debug.
Range:
yes
no
Default:
no
link (optional)
Access to all commands in command class Link Maintenance.
Range:
yes
no
Default:
no
page (optional)
The maximum age of the password, in days. The STP automatically prompts the user for a new password at login if the user’s password is older than the value specified for this parameter.
Range:
0-999
Default:
The value specified for the page parameter in the chg-secu-dflt command
pu (optional)
Access to all commands in command class Program Update.
Range:
yes
no
Default:
no
revoke (optional)
Revoke the user ID. The system rejects login attempts for a revoked user ID.
Range:
yes
no
Default:
no
sa (optional)
Access to all commands in command class Security Administration.
Range:
yes
no
Default:
no
sys (optional)
Access to all commands in command class System Maintenance.
Range:
yes
no
Default:
no
uout (optional)
User ID aging interval. The number of successive days a user ID can go unused (no successful login) before the system denies login of that user ID.
Range:
0 - 999
Default:
The value specified for the uout parameter in the chg-secu-dflt command

Example

ent-user:uid=john:db=yes

ent-user:uid=john*mayer:db=yes

ent-user:uid=user123:cc5=u21-yes:cc8=u32-yes

Dependencies

Passwords cannot be created or modified from a telnet terminal (terminal IDs 17-40) without the OA&M IP Security Enhancements feature turned on.

The specified user ID cannot already exist.

The user IDs seas or none cannot be entered because they are reserved for system use. Up to 100 users can be entered.

The revoke=yes parameter cannot be specified for a user ID with system administration authorization.

The Command Class Management feature must be enabled before a configurable command class name can be specified in the cc1-cc8 parameters.

The CCCNAMES table must be accessible.

The UserID table must be accessible.

The Security Defaults table must be accessible.

The cc1-cc8 parameter values must have valid default or provisioned configurable command class names. Default names are u01-u32 .

Notes

To disable user ID aging, specify the uout=0 parameter.

The Database Administration Manual - System Management provides a list of all commands allowed within each command class.

Up to 8 configurable command class name parameters can be specified in one command. Additional commands can be entered to assign user access for more than 8 names. To assign user access for all 32 available configurable command class names, four commands could be entered with 8 names specified in each command.

A password must be entered for the newly-created userID. The system issues a separate prompt for this password and disables character echo at the terminal so that the entered password is not displayed on the screen.

After the password has been entered, the system issues a second prompt, and the password must be entered again. This ensures that no typing mistakes were made on the first entry.

Use the following rules for creating passwords:

  • A new password cannot contain more than 20 characters.
  • A new password must contain at least the number of characters that is specified in the minlen parameter of the chg-secu-dflt command.
  • A new password must contain at least the number of alphabetic ( alpha parameter), numeric ( num parameter), and punctuation ( punc parameter) characters that is specified in the chg-secu-dflt command.
  • A new password cannot contain the associated user ID.

As a default, the command class Basic is assigned to all users. If no other command class is assigned, the user still has access to commands in the Basic class.

Output

ent-user:uid=john*mayer:db=yes 

    rlghncxa03w 04-01-07 11:11:28 EST  EAGLE 31.3.0
    ENT-USER: MASP A - COMPLTD 
;
ent-user:uid=test 
    tklc1121003 21-06-24 15:03:15 EST  EAGLE 47.0.0.0.0
    New password must contain:
      - between 8 and 20 characters
      - at least 8 alphabetic character(s) ('a'-'z')
      - at least 1 numeric character(s) ('0'-'9')
      - at least 1 punctuation character(s) (e.g. $%@#)
    New password must:
      - be unique from the old password
      - be unique from the last 8 historical password(s)
      - not reuse more than 4 character(s) from the old password
;
    tklc1121003 21-06-24 15:03:26 EST  EAGLE 47.0.0.0.0
    ENT-USER: MASP A - COMPLTD
;

Related Topics