Conference ranger::pwosf

1797.0. "External LanMan authentication" by BIGUN::PHILLIPS () Wed Mar 26 1997 00:44

    My customer has a mix of VMS and Windows NT systems, and is preparing
    to add Digital UNIX to the mix.
    They like the idea of using LanMan domains for authentication for all
    their systems.
    The current username policy has names of the form surname_II i.e.
    surname followed by 2 initials.
    This originated on VMS with 12 character usernames, and is no problem
    on Windows NT with 14 character usernames.
    
    UNIX however is a problem with 8 character names. (Most existing usernames 
    have more than 8 characters.)
    
    I believe that we can map LanMan names to UNIX names.
    
    The question is, can we use the LanMan names when logging on
    interactively to UNIX, in the same way that VMS v7.1 allows?
    
    We can probably live with squashed names in the /etc/passwd file as
    most users won't get shell access and will only need their username for
    initial logon.
    
    The password assistant in PW32 won't help as we will have a significent
    number of terminal users for some time.
    
    Any other suggestions for attacking this problem?
    
    Thanks for any help.

Yes, you can map lanman names to Unix.

I don't understand this;

>The question is can we use the LanMan names when logging on
>interactively to UNIX, in the same way that VMS v7.1 allows?

What does VMS 7.1 allow?  You cannot log into Unix with a
LanMan user name.  You can do a net logon only.  

Julia

    >What does VMS 7.1 allow?
    
    The "Single Signon" feature of OpenVMS 7.1 allows an OpenVMS user to
    have it's password authenticated by an external source. This means that
    a user SET HOSTing or TELNETing to an OpenVMS system types their
    username & password, the pair is sent to an exernal source -- an NT
    server -- and validated there.