SYSTEM Identifier not [1,4]

OpenVMS 8.4 Integrity, patches current to update 6, migrated from Alpha system disk. We have found the SYSTEM identifier is not [000001,000004] as expected, but [000202,000005].
The SYSTEM account does have UIC [1,4].

(Cross posted from HP Support Forum)

My questions are:

What impact does having the SYSTEM identifier not be [000001,000004]?

What should we look out for when we change it?





Further background.


On most systems, we have the account NDM_ADMIN that uses the same UIC as SYSTEM, namely [1,4].

Then we create an identifier, NDM_ADMIN (among other NDM identifiers), and grant it to SYSTEM, and the NDMADMIN account then also acquires the NDM_ADMIN identifier.

On one system, this fails. This is where the SYSTEM rights identifier is not [000001,000004] as expected, but [000202,000005]. There is an account with UIC [202,5], though there are no issues that we know of with that account.

On this system, after granting a rights identifier to SYSTEM, the NDMADMIN account does not acquire the identifier and cannot be used as it is on other systems.

We believe that this is caused by the fact the SYSTEM identifier is not the same as the SYSTEM account UIC, and that NDMADMIN also uses the SYSTEM UIC.. We tested this by deleting the NDMADMIN account using UIC [1,4], and copying the SYSTEM account to NDMADMIN using /UIC=[1,5], which was an unused UIC. We are then able to successfully grant the NDM_ADMIN identifier to the NDMADMIN account, and make use of the NDMADMIN account as expected.


Sean
.

Relevant Pages

  • Re: SYSTEM Identifier not [1,4]
    ... We have found the SYSTEM identifier is not as expected, but. ... On most systems, we have the account NDM_ADMIN that uses the same UIC as SYSTEM, namely. ... Then we create an identifier, NDM_ADMIN, and grant it to SYSTEM, and the NDMADMIN account then also acquires the NDM_ADMIN identifier. ... or through changing the setting directly and looking for any existing rogue settings. ...
    (comp.os.vms)
  • Re: SYSTEM Identifier not [1,4]
    ... What impact does having the SYSTEM identifier not be? ... we have the account NDM_ADMIN that uses the same UIC ... NDMADMIN account does not acquire the identifier and cannot be used ... Make a backup of your system disk. ...
    (comp.os.vms)
  • Re: ssh stack dumps on new V8.3 install
    ... the SYSTEM identifier for the SYSTEM account. ... I now need to discuss this with the client to find out why another account ... As there is no supported API for doing a sequential lookup of the SYSUAF database by UIC, the method that almost all software uses is to use the documented and supported lookup up of the rightslist identifier name for it, and then lookup the SYSUAF record for that name. ... Due to the way that the Authorize utility copies and changes UICs on accounts, it is very easy for a new system mangler to cause this problem. ...
    (comp.os.vms)
  • Re: update queries and forms
    ... identified by a primary key field called LOCID. ... > Each account is uniquely identified by ACCGRPID. ... > turn it into an appropriate update query, using the values that you provided ... >> ACCGRPID is a unique identifier for each seperate account. ...
    (microsoft.public.access.tablesdbdesign)
  • Re: SYSTEM Identifier not [1,4]
    ... Then we create an identifier, NDM_ADMIN, and grant it to SYSTEM, and the NDMADMIN account then also acquires the NDM_ADMIN identifier. ... I managed more than a few VMS systems from VMS V3.3 to V7.? ...
    (comp.os.vms)