Technical data
Managing User Accounts
7.8 Restricting the Use of Accounts
semicolon (;)
vertical bar (|) and double vertical bar (| |)
• Use the DCL command READ/PROMPT in captive account login command
procedures because the INQUIRE command is not allowed.
• Set the subprocess limit to 0 to prevent the user from spawning out of
the account. Set both the /PRCLM qualifier and the SYSGEN parameter
PQL_MPRCLM.
Example
A simple login command procedure for a captive account used for an inventory
system might consist of the following commands:
$ DEFINE SYS$DISK DISK$INVENT
$ RUN INVENTORY
$ LOGOUT
The application program INVENTORY assumes control when the user logs in
to the account. Assign the CAPTIVE flag to the login flags field of the captive
account UAF record by specifying the AUTHORIZE qualifier /FLAGS=CAPTIVE.
Section 7.7.4 shows how to use AUTHORIZE to create a UAF record for a captive
account.
Example 7–4 is a command procedure for a highly secure captive account, which
restricts the user to a very limited set of commands. System managers must
be sure to deny the account owner any write access to the login command
procedure and its directory. Note also that the security manager would use
the AUTHORIZE qualifier /NOINTERACTIVE when establishing this account.
For more information about captive and restricted accounts, see the OpenVMS
Guide to System Security.
7–32 Managing User Accounts