| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 3304.1 | Depends on VMS LM settings... | MS3100::SCHELL | Mark Schell, 910-996-3676, OpenVMS and NT Partner | Sun Sep 10 1995 20:52 | 35 |
| 3304.2 | | TOHOPE::TOHOPE::VORE_S | Raise The Standard | Mon Sep 11 1995 08:31 | 4 |
| 3304.3 | Future includes integrated VMS / NT logins ,, | OTOU01::MAIN | Systems Integration-Canada,633-3709 | Wed Sep 13 1995 19:23 | 9 |
| 3304.4 | | COOKIE::FROEHLIN | Let's RAID the Internet! | Mon Mar 10 1997 11:02 | 9 |
| re.3:
Anyone knows which versions of NT and VMS support the integrated
logins? I'm not talking about Pathworks involvement here...pure
NT and VMS. Kind of having the password authorization files either
mirrored or one common file.
Thanks
Guenther
|
| 3304.5 | | MPOS01::naiad.mpo.dec.com::mpos01::cerling | I'[email protected] | Tue Mar 11 1997 07:41 | 10 |
|
How do you expect VMS to recognize LANMAN without PATHWORKS? That
is the component that permits VMS to participate in the NT domain.
VMS V7.1 with PATHWORKS V6.0 and NT V4.0 provides the ability to
have a common logon. Changing the password or adding a user on
either system is reflected to the other system, as long as they are
both installed as some kind of domain controller. These versions on
VMS permit the VMS system to be the PDC, if desired.
tgc
|
| 3304.6 | | COOKIE::FROEHLIN | Let's RAID the Internet! | Tue Mar 11 1997 09:26 | 9 |
| .5> How do you expect VMS to recognize LANMAN without PATHWORKS? That
I'm not talking LAN-what-so-ever. Just account controll. I thought the
VMS Affinitiy project would provide the capability to share/synchronize
accounts without Pathworks. Maybe this question is more appropriate in
VMSland then?
Thanks
Guenther
|
| 3304.7 | you mean Single SignOn? | SUFRNG::VMSNET::S_VORE | Smile - Mickey's Watching! | Tue Mar 11 1997 11:11 | 189 |
| If you mean the new Single SignOn feature, here's a document that might
help you get started...
(ah, and while I was looking for that, I also came across some URL's as
well:
http://bachus.bro.dec.com/stn/text/EXTERNAL_AUTHENTIFICATION.TXT
http://kaler.zko.dec.com/nt/infrastructure/ss_main.htm
http://kaler.zko.dec.com/nt/infrastructure/ss_dev_guide.htm
)
[PW-VMS]V5 Single Signon OpenVMS 7.1 and PATHWORKS for OpenVMS 5.0E
Any party granted access to the following copyrighted information
(protected under Federal Copyright Laws), pursuant to a duly executed
Digital Service Agreement may, under the terms of such agreement copy
all or selected portions of this information for internal use and
distribution only. No other copying or distribution for any other
purpose is authorized.
Copyright (c) Digital Equipment Corporation 1995. All rights reserved.
PRODUCT: PATHWORKS for OpenVMS (LAN Manager), Version 5.0E
OP/SYS: OpenVMS, Version 7.1
SOURCE: Digital Equipment Corporation
INFORMATION:
This article contains the following information:
o What is external authorization?
o The steps to enable the System, Account, and Hostmap a user.
o Brief example of password synchronization.
Note: Synchronizing the Passwords may fail due to different sets of
valid characters permitted for use as passwords.
---------------------------------------------------------------------------
What is external authorization ?
External authorization will allow LAN Manager users to log in to
OpenVMS using the LAN Manager credentials. (Single signon)
Three steps are required to enable the single signon.
1. Setup the OpenVMS system
o Install, Configure, and Start the required network software.
o Put the following commands in SYS$STARTUP:SYSSTARTUP_VMS.COM
after the network is started.
$ @SYS$STARTUP:PWRK$STARTUP
$ DEFINE/SYS/EXEC SYS$ACME_MODULE PWRK$ACME_MODULE
$!
$!
$! The command below allows a non-priv user, ie NO sysprv
$! to use the /LOCAL_PASSWORD qualifier after their
$! OpenVMS Username at login and validate from the local
$! SYSUAF.DAT.
$!
$!
$!
$ define/sys/exec sys$single_signon 1
2. Enable a User account for External Authentication.
o Put the flag extauth on the users account.
* New Account:
$ MCR Authorize
UAF> add username /flag=(extauth,nodisuser) -
_UAF> /uic=[nnn,nnn]
UAF> exit
* Existing Account:
$ MCR Authorize
UAF> Mod username /flag=(extauth)
UAF> exit
3. Setup the Hostmapping LAN Manager account to OpenVMS account.
o PATHWORKS' Admin/PATHWORKS will be used for this step.
$ admin/path
Shortcut: In an X-Window terminal you can use the
Mouse.
* Logon as an admin user
* Choose Accounts Menu
* Select Users
* Select a user to setup
Shortcut:
- Highlight the first username.
- Type the first letter of the username
you would like to select.
- Notice it has jumped to the first
instance of that letter.
- Scroll down to the actual user.
* Choose Zoom
* Enter the OpenVMS username that you want this LAN
Manager account to be hostmapped to.
* Choose OK
Example of the Account Screen for the selected user:
___________________________________________________________________________
View the user account: Bogus
Full Name: Bill Bogus
Comment:
User Comment: Bill Bogus
Country Code: 0 Host Map: BBogus
Last Logon: Thu Sep 7 05:35:22 1995 Failed Logons: 0
Password: 0 Disable Account
Password Last Changed: Mon Dec 23 22:28:59 1996
Next Change Available: 00:00:00
Password Expires: Never
Privilege Level Operator Privileges
O Guest X User O Admin O 1.Server O 2.Accounts
O 3.Print O 4.Comm
OK Cancel Groups Logon Paths Hostname Help
___________________________________________________________________________
How Password Synchronizing works:
o Set Password command issued by OpenVMS user (setup for external
authentication).
- OpenVMS forwards the request to the LAN Manager server.
- LAN Manager server sets password.
- OpenVMS updates the OpenVMS users password.
The Synchronizing of the external authentication enabled users password
will automatically synchronize with the hostmapped LAN Manager account.
It doesn't matter what the role of the LAN Manager server in the domain is.
o OpenVMS will synchronize the LAN Manager password with the hostmapped
OpenVMS users password when the user logs in to the OpenVMS system.
---------------------------------------------------------------------------
SEARCH/QUERY WORDS: SINGLE SIGNON 5.0E
|