Multiple users sharing the same UIC
georges.bert at Lafarge-Ciments.Lafarge.com
georges.bert at Lafarge-Ciments.Lafarge.com
Wed Nov 13 09:42:54 GMT 2002
Hello,
Thank you for all your replies.
Nevertheless I still continue not to understand why it's necessary for Samba to look inside the
RIGHTSLIST.DAT. I think that SYSUAF.DAT alone is sufficient to turn a Username into an UIC
(in fact, in earlier version of VMS, the RIGHTSLIST.DAT file did'nt even exist). After that,
given an UIC, one can launch a process without any other information about the user's account.
Example:
$ run/detached -
/input=xxx -
/output=yyy -
/uic=[212,245] -
/process_name=zzz -
sys$system:loginout.exe
In this example, you could put "john" in place of [212,245] if your RIGHTSLIST.DAT own the right
identifier ("uaf> add /id john /val=uic:[212,245]"). BUT WHY DO THAT SINCE YOU ALREADY KNOW THAT
JOHN'S UIC IS [212,245] ?
History:
> Samba on OpenVMS requires that the UIC match a username, and that the
> username have a default directory that it has write access to.
Ok, there is no probleme with that.
> Rightslist.dat is what provides the mapping between the UIC and the
> USERNAME. Because a UIC was logged, it means that the username in use
> by the client exists in that database.
I don't aggree with that. SYSUAF.DAT alone can give an UIC after a Username
(and that's how VMS launch your process when you log on).
Regards, Georges
"This e-mail is confidential and may contain legally privileged information. If you are not the intended recipient, you should not copy, distribute,
disclose or use the information it contains. Please e-mail the sender immediately and delete this message from your system. E-mails are susceptible
to corruption, interception and unauthorised amendment; we do not accept liability for any such changes, or for their consequences. You should be
aware, that the company may monitor your emails and their content"
More information about the samba-vms
mailing list