Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software

111

112

113

114

115

116

117

118

119

120

policy applies. If no default value is specified in the security policy, the password never

expires.

This parameter is invalid if you are defining a remotely authenticated database user.

• date is the date on which the password expires. If the configured grace period for password

changes is zero, then the ability for this username to log on is suspended on the specified

date. Otherwise, username can log on for the number of days specified by the platform

grace period but will receive a prompt to change the password. Both NCI and HPDM allow

a user to change the password when logging on.

If you do not specify a date in this command, the date is set to the default expiration date

specified in the security policy. If no such value is set in the security policy, the default date

is None (no expiration).

NOTE: HP recommends that you set the value to a date in the recent past but within the

grace period specified by the security policy. In this case, the user will receive a

password-expiry warning when logging on for the first time and will be forced to change

his or her password right away.

date is a double-quoted space-delimited string in the form of:

month-name day year

month-name

is the first three letters of the month name and is not case-sensitive. For example: JAN,

feb, Mar

day

is a one or two digit integer from 1 through 31, specifying the day of the month.

year

is a 4-digit integer to specify the year, or spaces to specify no expiration date.

Error Conditions

If the command is successful, a message is displayed indicating that the user was added. The

command returns an error in any of the following cases:

• The user executing the command is logged on in a role other than ROLE.SECMGR or

ROLE.MGR.

• The user executing the command is logged on in the role ROLE.SECMGR, but the command

assigns a database user some role other than ROLE.SECMGR.

• The command assigns a user the role ROLE.SECMGR, but the user executing the command

is not logged on in the ROLE.SECMGR role.

• The remotely authenticated user being registered does not exist on the external directory

server, or no such server is running.

• The role parameter does not specify an existing role.

• The user or role name is invalid.

• A command to register a remotely authenticated database user includes parameters related

to passwords or password expiration.

• The user is already defined on Neoview.

Examples

The following command registers a remotely authenticated user. The command is valid only if

an external directory server is configured and available and has maryjosephs already defined as

a user:

.sec create user maryjosephs, role ROLE.DBA;

116 User and Role Management