NIO CommKit Host Interface Installation and System Administration Manual

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software

171

172

173

174

175

176

177

178

179

180

AUTHORIZE(1M) AUTHORIZE(1M)

E-19 CommKit Host Interface, Release 4.0

Locally Invoked

When invoked as a user-level command on the local host, authorize displays the remote user ID’s that have

been mapped to the local user ID. Several options are supported by authorize:

–l login The local user ID for which mapping information is desired. The default is the

user ID of the user executing the command. Only root may specify any login

other than its own. All other users may only specify their own login.

–u uidfile The dkuidtab(4) file which authorize should use to get the user ID mapping

information. The default file is /etc/opt/dk/dkuidtab.

EXAMPLES

The command

dk area1/exchange1/host2.authorize

will remotely invoke authorize on area1/exchange1/host2. The command

authorize -l abc

will locally invoke authorize. If we make the assumptions that

1. This command is executed by root or user abc on host xyz,

2. User ID 12 on area1/exchange1/host1 has been authorized/mapped to user abc on host xyz, but abc’s

password on xyz has been changed since the authorization,

3. User ID 345 on area1/exchange1/host2 has been authorized/mapped to user abc on host xyz

4. User ID 67 on area1/exchange1/host3 has been authorized/mapped to user abc on host xyz with

DKKEY=defg,

then the following information is displayed:

USER abc ON SYSTEM xyz HAS BEEN AUTHORIZED FROM:

area1/exchange1/host1 12 authorization expired

area1/exchange1/host2 345

area1/exchange1/host3 67/defg

Any display line followed by authorization expired means that authorization is no longer valid for one of

the following reasons:

1. the user no longer exists on the system

2. the password for the user has expired

3. the password for the user has been changed.

This is an indication that the user for whom the authorization check was done (user abc in the example) needs

to re-authorize to the local host (xyz) from the specified remote host (host2).

FILES

/opt/dk/sbin directory in which this command resides

/etc/opt/dk/dkuidtab default user ID mapping file

/etc/opt/dk/dkuidtab:o backup copy of the user ID mapping file

/etc/passwd password file

/etc/shadow encoded password file

/var/opt/dk/log/dkuidlog default log file