Re: Account creation

In article <slrng2ofc5.gs1.knatschke@xxxxxxxxxxxxxxxxxxxx>, JKB <knatschke@xxxxxxxxxxxxxx> writes:
Hello,

I suppose I have made a mistake... I'm trying to create a normal
account. Thus, I have made :

You have made several.


$ define/system/trans=(concealed)/exec disk$users dka0:[users.]
$ set default disk$users:[000000]
$ create /directory bertrand

That command should have failed, and would have left you the
owner instead of bertrand, the correct syntax is:
$ create/directory [bertrand]/owner=[new-uic-goes-here]

$ set default sys$system
$ run authorize
UAF> add bertrand/password=mypassword /device=disk$users -
_UAF> /directory=[bertrand] /owner="BERTRAND Joel" /nopwdexpired -
_UAF> /nopwdexpiration


Now bertran is the same UIC as default, you need to add a
/uic=[new-uic-goes-here], which you can still do via UAF> modify;
but be carefull you don't reassign the DEFAULT identifer.
If you do accidentally modify it, then put it back with
UAF> modify/identifier DEFAULT=uic=[200,200], then think about
adding one for bertrand so he doesn't have to look at numbers
UAF> add/identifer=bertrand=uic=[new-uic-goes-here]

UAF> show bertrand
Username: BERTRAND Owner: BERTRAND Joel
Account: UIC: [200,200] ([DEFAULT])
CLI: DCL Tables: DCLTABLES
Default: DISK$USERS:[BERTRAND]
LGICMD:
Flags: DisUser
^^^^^^^

The account is disabled, and can't be used until you
UAF> modify bertrand/flag=nodisuser


...
No access restrictions
...
Login fails : 13 !
...
Authorized privileges
NETMBX TMPMBX
...

I have tried to use this account, but I cannot perform any login
(CDE of remote login by SSH) :

cauchy:[~] > ssh -l bertrand dirac
bertrand@dirac's password:
Permission denied, please try again.
bertrand@dirac's password:
Permission denied, please try again.
bertrand@dirac's password:
Permission denied (publickey).
cauchy:[~] >


You'ld have made it all easier if you did the UAF work first, and
always include the /uic= stuff when adding a new user. Then
when you creat the directory you could simply use:

$ create/directory [bertran]/owner=bertrand

because the identifier would have automatically been made for you.
.

Relevant Pages

  • Account creation
    ... I suppose I have made a mistake... ... UAF> show bertrand ... I have tried to use this account, but I cannot perform any login ...
    (comp.os.vms)
  • Re: Account creation
    ... I suppose I have made a mistake... ... UAF> show bertrand ... I have tried to use this account, but I cannot perform any login ...
    (comp.os.vms)
  • Re: Account creation
    ... I suppose I have made a mistake... ... UAF> show bertrand ... I have tried to use this account, but I cannot perform any login ...
    (comp.os.vms)
  • Weakness introduced by denying remote logins on AIX, possibly others
    ... AIX 4.3.3 and AIX 5.1, ... is possible to remotely enumerate the passwords of a known AIX account. ... believed to be in the response from the login program after authentication ... Give accounts that have been restricted from remote logins strong passwords. ...
    (Security-Basics)
  • Re: Please! Doesnt anyone know a better way to do this?
    ... account, they need to automatically be directed to the page to enter data ... session variable on the Account page. ... I assume here that you're checking a database when the user attempts to ... When a new user attempts to login or clicks to register, ...
    (microsoft.public.dotnet.framework.aspnet)