[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference azur::mcc

Title:DECmcc user notes file. Does not replace IPMT.
Notice:Use IPMT for problems. Newsletter location in note 6187
Moderator:TAEC::BEROUD
Created:Mon Aug 21 1989
Last Modified:Wed Jun 04 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:6497
Total number of notes:27359

2245.0. "MCC_DNA4_EVL.COM Internal error DECnet4 AM" by RDGENG::GARDEN () Fri Jan 31 1992 10:23

    When I ran the MCC_STARTUP_DNA4_EVL.COM file , I had the following 
    errors:-
    
    DELETE NODE4 MCCDUF OBJECT TASK
    
    No Privilege to Perform directive at Node.
    
    CREATE NODE4 MCCDUF OBJECT TASK NUMBER 0
    
    No Privilege to Perform directive at Node.
    
    To get around this problem , I have used by user=xxxxx , by
    password=xxxx
    
    The other Error has'nt been solved:-
    
    "Internal Error in DECnet Phase IV AM".
    
    Can anyone tell me when a fix for this error is likely to be out.
    
    Ian.
T.RTitleUserPersonal
Name		DateLines
2245.1use proxy, or by user and passwordTOOK::JEAN_LEEMon Feb 03 1992 09:2531
    Hi Ian,
    
>>    When I ran the MCC_STARTUP_DNA4_EVL.COM file , I had the following 
>>    errors:-
>>    DELETE NODE4 MCCDUF OBJECT TASK
>>    No Privilege to Perform directive at Node.
>>    CREATE NODE4 MCCDUF OBJECT TASK NUMBER 0
>>    No Privilege to Perform directive at Node.
>>    To get around this problem , I have used by user=xxxxx , by
>>    password=xxxx

	In general, DNA4 commands requires to

	1) be able to connect to its NML object over the network
	2) have privileges to perform modify or action commands to the
	   requested entity.

	If you do not wish to use "by user,by password" qualifier, you can
	use proxy to a privileged account to perform these commands. 
	
	For enabling local sink monitor, additional "default" privileges of 
	DETACH,SYSNAM,TMPMBX,NETMBX,SYSPRV are required.
	   
	
>>    The other Error has'nt been solved:-
>>    "Internal Error in DECnet Phase IV AM".

       Which command did you use to get this error?  If the command is 
       ENABLing local sink monitor, this is a known bug.  The problem has 
       been addressed and fixed.
2245.2MCC_STARTUP_DNA4_EVL.COMRDGENG::GARDENMon Feb 03 1992 11:478
    Jean-Lee,
    I was using the ENABLE LOCAL SINK MONITOR when I received the "Internal
    Error DECnet Phase IV AM".
    
    You say that the problem is fixed - but where can I get the fix from?
    
    Kind Regards
    Ian
2245.3Fix will be included in a future kitTOOK::MINTZErik Mintz, DECmcc DevelopmentMon Feb 03 1992 12:3813
>    You say that the problem is fixed - but where can I get the fix from?

At the moment, when someone posts an answer like "it has been fixed"
they mean the code has been corrected and tested in a private executable.
However, these executables are NOT compatable with the field test kit,
and unfortunately we can't take the time to support private distributions
without impacting our SSB date.

We are still considering when to distribute an internal field test update.

-- Erik
2245.4it will not work, or could involve Digital's liabilityVARDAF::BERBIGIEREuropean Information Security Operations GroupTue Jun 14 1994 09:0629
to .1
>>    CREATE NODE4 MCCDUF OBJECT TASK NUMBER 0

This assumes there is a default decnet access defined at executor level

NCP> set executor nonpriv user xxx nonpriv password yyy

Since VMS V5.3, netconfig.com asks you whether you want such a default access
and anyone a little conscious with security will answer NO to this question


>	If you do not wish to use "by user,by password" qualifier, you can
>	use proxy to a privileged account to perform these commands. 

Using by user and by password ... Does this imply to write  a username/password
combination in a command file ???? to a privileged account ??? Have you ever
heard of favourite weaknesses exploited by hackers to gain control over a 
system ?

As there is currently no node authentication whithin Decnet, proxy mechanism can
be very easily screwed up by node masquerading. Therefore any proxy to a
privileged account is at high risk and should never be allowed/recommended. 

I hope you will never recommend such a solution at a customer site.

Please provide an workable solution that would not involve Digital's liability.


Pierre