[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference vaxaxp::vmsnotes

Title:	VAX and Alpha VMS
Notice:	This is a new VMSnotes, please read note 2.1
Moderator:	VAXAXP::BERNARDO

Created:	Wed Jan 22 1997
Last Modified:	Fri Jun 06 1997
Last Successful Update:	Fri Jun 06 1997
Number of topics:	703
Total number of notes:	3722

213.0. "UAF>mod user/priv=all NOT working" by TAV02::CHAIM (Semper ubi Sub ubi .....) Wed Feb 19 1997 01:14

I thought that I had posted this note on Sunday, February 16.

OpenVMS V6.2 VAX

A system manager has been attempting to do the following:

$mc authorize
UAF>mod user/privliges=all/defpriv=all
OR
$mc authorize
UAF>mod user/privliges=noall/defpriv=noall

She receives a message as if the user record has been updated, but a 
$mc authorize
UAF>sho user

does NOT show either all or no provileges.

I asked her to do this in such a way that all the output is recorded in a file,
and she FAXed me this output, and indeed what she describes is really
happening.

She has a define/system/exec sysuaf sys$system:sysuaf.dat

Now we tried the following. We made a copy of the current sysuaf.dat via
backup/ignore. Now she has two sysuaf.dat files; 1 and 2. She defined a process
sysuaf logical pointing to the ;2 and this still failed. She defined a process
sysuaf logical pointing to the ;1 and this still worked. 

So now she did the following. She defined a process sysuaf logical pointing to
the ;2 and this still failed. Now she made a third copy of sysuaf and without
changing the sysuaf logical (which is still pointing explicitly to ;2) it
worked.

In other words it fails ONLY when attempting to work on the latest version;
attempting to work on any lower versions apperas to work.

I have looked through COMET but I haven't found any problem which appears even
similar. 

Thanks,

Cb.

T.R	Title	User	Personal Name	Date	Lines
213.1	Please see .4 for correction	ALPHAZ::HARNEY	John A Harney	`Wed Feb 19 1997 08:56`	12
	re: .0 Please get her to MAIL the output of this problem so we can all see it. I'd suggest: a) Turn on AUDITS. No sense guessing what's happening when we can see for ourselves. b) Try the /PRIV and /DEVPRV (notice spelling, please!) commands on separate lines, and see if that helps. \john
213.2	Test Sequence	XDELTA::HOFFMAN	Steve, OpenVMS Engineering	`Wed Feb 19 1997 09:43`	54
	Get rid of all logicals and all other site-specific hackery for some tests -- reboot the system with the SYSGEN parameter STARTUP_P1 set to "MIN". Use the following command sequence on the system console terminal, having the customer mail the results to us: Username: SYSTEM/NOCOMMAND Password: <password> ... $ SET DEFAULT SYS$SYSTEM: $ SHOW LOGICAL SYSUAF/FULL $ ANALYZE/RMS SYS$SYSTEM:SYSUAF.DAT $ WRITE SYS$OUTPUT "''F$ENVIR(""MESSAGE"")'" $ RUN AUTHORIZE UAF> SHOW TEST_TARG UAF> CREATE TEST_TARG/PRIVILEGE=ALL/UIC=[555,1212]/PASS=BOGUS UAF> SHOW TEST_TARG UAF> <CTRL/Z> $ RUN AUTHORIZE UAF> SHOW TEST_TARG UAF> MODIFY TEST_TARG/PRIVILEGE=NOALL UAF> SHOW TEST_TARG UAF> <CTRL/Z> $ RUN AUTHORIZE UAF> SHOW TEST_TARG UAF> REMOVE TEST_TARG UAF> <CTRL/Z> If the above sequence works as expected, then reboot with STARTUP_P1 set back to the "" default value. Use the (same) command sequence: Username: SYSTEM/NOCOMMAND Password: <password> ... $ SET DEFAULT SYS$SYSTEM: $ SHOW LOGICAL SYSUAF/FULL $ ANALYZE/RMS SYS$SYSTEM:SYSUAF.DAT $ WRITE SYS$OUTPUT "''F$ENVIR(""MESSAGE"")'" $ RUN AUTHORIZE UAF> CREATE TEST_TARG/PRIVILEGE=ALL/UIC=[555,1212]/PASS=BOGUS UAF> SHOW TEST_TARG UAF> <CTRL/Z> $ RUN AUTHORIZE UAF> SHOW TEST_TARG UAF> MODIFY TEST_TARG/PRIVILEGE=NOALL UAF> SHOW TEST_TARG UAF> <CTRL/Z> $ RUN AUTHORIZE UAF> SHOW TEST_TARG UAF> REMOVE TEST_TARG UAF> <CTRL/Z> Have the customer send us the results of both command sequences.
213.3		AUSS::GARSON	DECcharity Program Office	`Wed Feb 19 1997 16:52`	6
	re .1 > b) Try the /PRIV and /DEVPRV (notice spelling, please!) commands ^^^^^^ Well, /DEFPRIVILEGES is closer to reality.
213.4		ALPHAZ::HARNEY	John A Harney	`Wed Feb 19 1997 19:32`	7
	re: .3, .0 Please disregard my DEVPRV comment in .1. Not only can't I type, but I was wrong on the spelling I thought I had right. Both DEFPRV and DEFPRIV are accepted by AUTHORIZE. \john
213.5	/DEFPRIV	TAV02::CHAIM	Semper ubi Sub ubi .....	`Thu Feb 20 1997 01:00`	32
	> >Please get her to MAIL the output of this problem so we can all see it. > This is a military installation so she won't be able to e-mail it to me, but I'll ask her to send me the file. I have a FAX which shows that she is correct. > b) Try the /PRIV and /DEVPRV (notice spelling, please!) commands > on separate lines, and see if that helps. > I beg your pardon, but I believe the CORRECT spelling is /DEFPRIV Parameter Qualifiers /ACCESS /ACCOUNT /ALGORITHM /ASTLM /BATCH /BIOLM /BYTLM /CLI /CLITABLES /CPUTIME /DEFPRIVILEGES /DEVICE /DIALUP /DIOLM /DIRECTORY /ENQLM /EXPIRATION /FILLM /FLAGS /GENERATE_PASSWORD /INTERACTIVE /JTQUOTA /LGICMD /LOCAL /MAXACCTJOBS /MAXDETACH /MAXJOBS /MODIFY_IDENTIFIER /NETWORK /OWNER /PASSWORD /PBYTLM /PGFLQUOTA /PRCLM /PRIMEDAYS /PRIORITY /PRIVILEGES /PWDEXPIRED /PWDLIFETIME /PWDMINIMUM /REMOTE /SHRFILLM /TQELM /UIC /WSDEFAULT /WSEXTENT /WSQUOTA Examples /IDENTIFIER /PROXY /SYSTEM_PASSWORD MODIFY Subtopic? Thanks, Cb.