Manualshelf

Technical data

ManualsBrandsAdaptec ManualsNetwork Card1742A
51525354555657585960
System Management Release Notes
5.3 External Authentication
5.3.5 Compaq DECnet-Plus Requirement
V7.2-1
Users with the EXTAUTH bit set in their SYSUAF account record cannot use
explicit access control strings with systems running Compaq DECnet-Plus unless
their externally authenticated password is all uppercase characters.
For example, if you enter the following command:
$ DIRECTORY nodename"username password"::
where nodename is a system running DECnet-Plus and username is an
EXTAUTH account, DECnet-Plus converts the string supplied in the password to
uppercase characters before it is passed to the external authentication agent (a
PATHWORKS or NT domain controller).
There are two workarounds:
If you are using DECnet-Plus and you want to use explicit access control
strings, define an uppercase NT password.
Set up a proxy account on your DECnet-Plus nodes so that you do not have to
use explicit access control strings to perform functions.
5.3.6 DECwindows Pause Screen Uses SYSUAF Password
V7.1
The DECwindows pause screen unlock mechanism does not use the external
authentication service for password validation. It continues to use the password
in the SYSUAF file, even if you have external authentication enabled on your
system.
Password synchronization is enabled by default. If you have disabled password
synchronization, be sure to keep the LAN Manager and SYSUAF passwords
synchronized manually.
5.3.7 DECnet-Plus and NET_CALLOUTS Parameter
V7.3
To run DECnet-Plus for OpenVMS with external authentication enabled, set the
system parameter NET_CALLOUTS to 255. This causes user verification and
proxy lookups to be done in LOGINOUT rather than DECnet.
5.3.8 Impact on Layered Products and Applications
V7.1
Certain layered products and applications that use an authentication mechanism
based on the traditional SYSUAF-based user name and password (for example,
software that calls $HASH_PASSWORD or $GETUAI/$SETUAI to alter, fetch,
or verify OpenVMS passwords) will encounter problems in either of the following
cases:
When external authentication is used in an environment where a given users
external user ID and OpenVMS user name are different
Where the users SYSUAF password is different from the external user
password
In such cases, the problem symptom is a user authentication failure from the
layered product or application.
System Management Release Notes 5–5