Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!seismo!columbia!rutgers!ucla-cs!zen!ucbvax!VTVM2.BITNET!CVMMEB From: CVMMEB@VTVM2.BITNET ("Mary E. Bainter") Newsgroups: comp.os.vms Subject: RE: General ID to generate specific ID Message-ID: <8707242141.AA27263@ucbvax.Berkeley.EDU> Date: Fri, 24-Jul-87 14:36:42 EDT Article-I.D.: ucbvax.8707242141.AA27263 Posted: Fri Jul 24 14:36:42 1987 Date-Received: Sat, 25-Jul-87 15:35:29 EDT References:Sender: daemon@ucbvax.BERKELEY.EDU Distribution: world Organization: The ARPA Internet Lines: 36 I don't remember who asked, so I'll send this out -- and those of you that want to correct me, I'm always willing to learn (I'm a NEW sys. mgr.) In response to the one who wanted a general ID for the initial logon which would generate new and unique userids -- here's what I'd start with : First of all, as you said, the account would be captive via the login.com and all CTRL-Y's etc would be trapped and thrown to routines to handle them. I would set this ID up with the CMKRNL priv AUTHORIZED (NOT default). When they logged in, I would gather all the necessary info, create a brand new directory for them (not a subdirectory), and run some sort of batch file to actually set up their account in authorize. THEN, I'd do the following : $ SET PROC/PRIV=CMKRNL $ SET DEFAULT [new account dir] $ SET UIC [new uic] $ SET PROC/PRIV=NOCMKRNL Things you might want to look into/think about : - To run authorize, you must be SYSTEM -- do you REALLY want them to be SYSTEM -- this can be dangerous if there are any possible holes in the "captive" procedure. - Do you really want them to have CMKRNL at all?? I'm not sure, but you it might be a good idea to see whether or not they'd still be able to give themselves CMKRNL after begin moved to the new directory (applicable only to their first login). I THINK that, since you've changed their UIC, they won't be able. - I usually COPY account with some parameter (in AUTHORIZE) to add a user, most of our users are similar. So, the parameter list for ADDing a user might be a little more complex for a batch file (I doubt it, I really think it shouldn't be any trouble.) Like I said, I'm new at being a system manager, so I may have missed something important but maybe this will at least give you some ideas.