Guardian security allows only local Group Managers and SUPER.SUPER to add, delete or alter userids. SUPER.SUPER can add members to any GROUP whether it already exists or not. Group Managers are restricted to managing userids in their own GROUP.
If Safeguard software is not in use on the system, then the ADDUSER program is used to create userids and DELUSER is used to delete them.
How the ADDUSER and DELUSER programs are secured depends on who is allowed to perform this function as defined by the Corporate Security Policy. See ADDUSER and DELUSER sections in the Gazette for a detailed discussion on securing these programs.
If Safeguard software is not in use on the system, then the RPASSWRD program is used to create remote passwords for userids.
How this program is secured depends on the Corporate Security Policy and whether or not Safeguard software is in use on the systems. See the RPASSWRD section in the Gazette for a detailed discussion on securing the program.
The DEFAULT program is used to set the default subvolume and default file security vector for each userid .
How the DEFAULT program is secured depends on the Corporate Security Policy and Standards. See the DEFAULT section in the Gazette for a detailed discussion on securing the program.
The USERS program is used to view information about userids.
How the USERS program is secured depends on the Corporate Security Policy and Standards. See the USERS section in the Gazette for a detailed discussion on securing the program.