HP NonStop Server Security
This handbook provides readable advice on the key decisions in safeguarding the numerous components of the HP NonStop environment.
TABLE OF CONTENTS HP NonStop Server Security
Chapter 3: Authentication; User Administration
The joke goes that the only secure computer is the one without users. This section outlines the principles for securing the system, even with users! These principles include a good user schema based on the principles of Least Privilege, Separation of Duties and Individual Accountability.
User Administration
This chapter discusses administering userids and aliases on an HP NonStop server.
Userids
Users are defined by assigning a unique user name and number to each user:
.
,
The Group Name or Number identifies the user's administrative group. The Member Name or Number identifies the user within the group. The combination must be unique for a single system and unique over the network of systems if the user will have access to multiple nodes.
Groups
On the HP NonStop server, there are two types of user groups:
Administrative
File-sharing
Administrative Groups
Administrative Groups exist primarily for user management but can also be used for file-sharing in Safeguard software . Administrative Groups are used in both the Guardian and Safeguard environments.
Administrative Group Names are made up of 1 to 8 alphanumeric characters. The first character must be a letter. Groups with numbers ranging from 0 to 255 may be used as Administrative Groups.
Administrative Groups can be thought of as Job Function Groups because they are the primary unit that categorizes a given user's job function. Users with similar job descriptions and tasks require the same access to system resources. They should be given userids in the same Administrative Group.
File-sharing Groups
Copyright XYPRO Technology Corporation 2004 under license agreement with Books24x7
