Multiple users sharing the same UIC

[georges.bert at Lafarge-Ciments.Lafarge.com]

Hello,
Thank you for all your replies.
Nevertheless I still continue not to understand why it's necessary for Samba to look inside the
RIGHTSLIST.DAT. I think that SYSUAF.DAT alone is sufficient to turn a Username into an UIC
(in fact, in earlier version of VMS, the RIGHTSLIST.DAT file did'nt even exist). After that,
given an UIC, one can launch a process without any other information about the user's account.

Example:
$ run/detached -
        /input=xxx -
        /output=yyy -
        /uic=[212,245] -
        /process_name=zzz -
        sys$system:loginout.exe
In this example, you could put "john" in place of [212,245] if your RIGHTSLIST.DAT own the right
identifier ("uaf> add /id john /val=uic:[212,245]"). BUT WHY DO THAT SINCE YOU ALREADY KNOW THAT
JOHN'S UIC IS [212,245] ?

History:

> Samba on OpenVMS requires that the UIC match a username, and that the
> username have a default directory that it has write access to.
Ok, there is no probleme with that.

> Rightslist.dat is what provides the mapping between the UIC and the
> USERNAME.  Because a UIC was logged, it means that the username in use
> by the client exists in that database.
I don't aggree with that. SYSUAF.DAT alone can give an UIC after a Username
(and that's how VMS launch your process when you log on).

Regards,                     Georges

"This e-mail is confidential and may contain legally privileged information.  If you are not the intended recipient, you should not copy, distribute,
disclose or use the information it contains.  Please e-mail the sender immediately and delete this message from your system.  E-mails are susceptible
to corruption, interception and unauthorised amendment; we do not accept liability for any such changes, or for their consequences. You should be
aware, that the company  may monitor your emails and their content"