| .-1 is correct. The external authentication feature allows LAN Manager username
and password information to be used to grant access to OpenVMS via a logon.
PATHWORKS maps a LAN Manager username to a native SYSUAF-based username which is
then used to construct the normal OpenVMS process profile. SYSUAF information
does not flow out to LAN Manager.
External authentication is use dby LOGINOUT for interactive and network logins
and for password changes using SET PASSWORD.
In this context, external authentication means the following:
"For users that have the EXTAUTH flag set in their SYSUAF.DAT account
record, authentication will be based on an external policy (in this
case LAN Manager username and password) rather than the password
stored in the SYSUAF.DAT file. All other SYSUAF.DAT information
remains in effect (ie., modal restrictions, DISUSER, quotas, etc.)"
What does this accomplish?
For interactive and network logins, the user is able to use the same username
and password for logins to OpenVMS or LAN Manager (Windows 3.x, Windows 95,
Windows NT). The actual LAN Manager username and password is used - not
synchronized copies. For password changes from SET PASSWORD, the actual LAN
Manager password is updated.
External authentication is not a panacea. All existing OpenVMS
applications that need to perform some form of their own authentication will
continue to operate using the SYSUAF.DAT policy. This software will not know
about the LAN Manager policy. In order for this software to work correctly, the
SYSUAF.DAT password must be kept synchronized with the LAN Manager policy - this
is not always possible. There's plenty of room for confusion depending on the
application mix. Please refer to the release notes for more details.
|