Technical data
Managing User Accounts
7.9 Setting Up Special Accounts
• The process creating the file does not have system privileges.
See the OpenVMS System Management Utilities Reference Manual and the
OpenVMS Guide to System Security for more information about the Creator
ACE.
7.9.3 Understanding Network Proxy Accounts
A network proxy account allows users on a remote node in a network to access
data by way of a local account on your system. Proxy accounts are useful when
you want to grant one or more users on a remote node access to specific files,
but you do not want to give them a private account on your system. Very often,
system managers set up proxy accounts as restricted. You establish and control
proxy accounts with the Authorize utility (AUTHORIZE).
With proxy accounts, you can authorize one or more users on a remote node to
enter DCL commands that access data from a particular account on your system.
Proxy accounts allow remote users to access specific local data (for example, type
and print files) without having to log in to your system or use an access control
string. Remote users assume the same file access rights as the local account and
also receive the default privileges of the local account. The following sections
explain the procedures for setting up proxy accounts.
To properly maintain proxy database consistency across all members of a mixed-
version OpenVMS Cluster system, you must perform all proxy modifications from
either of the following systems:
• A VAX Version 6.1 (or later) system
• An Alpha Version 6.2 (or later) system
This restriction ensures that the NET$PROXY.DAT database is updated with
correct proxy information.
For more information about proxy accounts, see the OpenVMS Guide to System
Security.
7.9.4 Creating Network Proxy Authorization Files
Note
This section contains information for network proxies on DECnet
Phase IV and DECnet-Plus. For information about proxies and user
authentication when using TCP/IP Services, see Compaq TCP/IP Services
for OpenVMS Management.
A proxy account permits an authorized user from a remote node to log in to a
local node, as if the user owned an account on the local node. Proxy accounts
are created and maintained using the Authorize utility (AUTHORIZE). See the
OpenVMS System Management Utilities Reference Manual for more information
about the Authorize utility.
On OpenVMS systems, the following information is stored in two proxy
authorization files, NETPROXY.DAT and NET$PROXY.DAT:
• On systems running DECnet for OpenVMS, both NETPROXY.DAT and
NET$PROXY.DAT contain proxy information stored using DECnet VAX node
names.
Managing User Accounts 7–37