| Title: | DECnet/OSI for OpenVMS |
| Moderator: | TUXEDO::FONSECA |
| Created: | Thu Feb 21 1991 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 3990 |
| Total number of notes: | 19027 |
I recently upgraded my workstation to VMS Alpha 7.1 with DECnet Plus
7.1 (previousy this was a Phase IV node). Now I keep getting network
login failues such as the following -
03:06:30.99 Network login failure
User Account: CML$SERVER
Process Type: Network
Login Source: LOCAL:.CLYDES, User: ROOT
Local Node: GRUFFY
Final Status: you are not authorized to login today
04:06:17.01 Network login failure
User Account: CML$SERVER
Process Type: Network
Login Source: LOCAL:.CLYDES, User: ROOT
Local Node: GRUFFY
Final Status: you are not authorized to login today
These occur every hour. You also get similar failures if a phase IV
node tries doing a NCP TELL NODE ... command.
Anyone have any idea what needs to be done to clear this up?
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 3844.1 | MARVIN::CARLINI | Fri Jan 24 1997 10:03 | 10 | ||
Sounds like someone somewhere is doing is doing
$ MC NCL SHOW NODE GRUFFY something
but you have configured DECnet-Plus not to let them in by disabling
network access via CML$SERVER. If this is not what you meant to do,
then you can reconfigure the CML$SERVER account in AUTHORIZE. Or you
can track down the owner of CLYDES (start with VTX EASYNET) and ask
them why they are polling your node.
Antonio
| |||||
| 3844.2 | CML$SERVER settings | GRUFFY::ZAHORA | Rob Zahora | Fri Jan 24 1997 12:54 | 45 |
Thanks for the suggestions. I did send a message to CLYDES but have
not received a reply yet.
As for the CML$SERVER account, how is it supposed to be set? I haven't
delt with this one before although I do know that the security
compliance manager wants it to be deleted. Currently the account is
set as follows -
UAF> show/full cml$server
Username: CML$SERVER Owner: CML$SERVER Default
Account: DECNETV UIC: [376,366]
([DECNET,CML$SERVER])
CLI: DCL Tables: DCLTABLES
Default: SYS$SPECIFIC:[CML$SERVER]
LGICMD: NLA0:
Flags: Restricted GenPwd
Primary days: Mon Tue Wed Thu Fri
Secondary days: Sat Sun
Primary 000000000011111111112222 Secondary 000000000011111111112222
Day Hours 012345678901234567890123 Day Hours 012345678901234567890123
Network: ----- No access ------ ----- No access ------
Batch: ----- No access ------ ----- No access ------
Local: ----- No access ------ ----- No access ------
Dialup: ----- No access ------ ----- No access ------
Remote: ----- No access ------ ----- No access ------
Expiration: (none) Pwdminimum: 8 Login Fails: 79
Pwdlifetime: 90 00:00 Pwdchange: (pre-expired)
Last Login: (none) (interactive), (none)
(non-interactive)
Maxjobs: 0 Fillm: 100 Bytlm: 64000
Maxacctjobs: 0 Shrfillm: 0 Pbytlm: 0
Maxdetach: 0 BIOlm: 150 JTquota: 4096
Prclm: 8 DIOlm: 150 WSdef: 2000
Prio: 4 ASTlm: 250 WSquo: 4000
Queprio: 4 TQElm: 10 WSextent: 16384
CPU: (none) Enqlm: 2000 Pgflquo: 50000
Authorized Privileges:
NETMBX TMPMBX
Default Privileges:
NETMBX TMPMBX
Identifier Value Attributes
NET$EXAMINE %X91F50001
| |||||
| 3844.3 | MARVIN::CARLINI | Fri Jan 24 1997 15:40 | 11 | ||
You have no network access permitted to CML$SERVER. Inspect wants it
wiped because it has never been used.
If you want to let people from all over the network look at your system
(this is the default) you should do something like:
$ MC AUTHORIZE MOD CML$SERVER/NETWORK.
Once the account starts to be used, INSPECT will stop complaining.
Antonio
| |||||