1 MODIFY
Changes values in a SYSUAF user record. Qualifiers not specified
in the command remain unchanged.
Format
MODIFY username /qualifier[,...]
2 Parameter
username
Specifies the name of a user in the SYSUAF. The asterisk (*) and
percent sign (%) wildcard characters are permitted in the user
name. When you specify a single asterisk for the user name, you
modify the records of all users.
2 Qualifiers
/ACCESS
/ACCESS[=(range[,...])]
Specifies hours of access for all modes of access. The syntax for
specifying the range is:
/[NO]ACCESS=([PRIMARY], [n-m], [n], [,...],[SECONDARY], [n-m], [n], [,...])
Specify hours as integers from 0 to 23, inclusive. You can
specify single hours (n) or ranges of hours (n-m). If the ending
hour of a range is earlier than the starting hour, the range
extends from the starting hour through midnight to the ending
hour. The first set of hours after the keyword PRIMARY specifies
hours on primary days; the second set of hours after the keyword
SECONDARY specifies hours on secondary days. Note that hours
are inclusive; that is, if you grant access during a given hour,
access extends to the end of that hour.
By default, a user has full access every day. See the DCL
command SET DAY in the OpenVMS DCL Dictionary for information
on overriding the defaults for primary and secondary day types.
All the list elements are optional. Unless you specify hours for
a day type, access is permitted for the entire day. By specifying
an access time, you prevent access at all other times. Adding
NO to the qualifier denies the user access to the system for the
specified period of time.
Examples:
/ACCESS Allows unrestricted access
/NOACCESS=SECONDARY Allows access on primary days only
/ACCESS=(9-17) Allows access from 9 A.M. to 5:59 P.M. on
all days
/NOACCESS=(PRIMARY, Disallows access between 9 A.M. to 5:59
9-17, SECONDARY, P.M. on primary days but allows access
18-8) during these hours on secondary days
To specify access hours for specific types of access, see the
/BATCH, /DIALUP, /INTERACTIVE, /LOCAL, /NETWORK, and /REMOTE
qualifiers.
/ACCOUNT
/ACCOUNT=account-name
Specifies the default name for the account (for example, a
billing name or number). The name can be a string of 1 to 8
alphanumeric characters. By default, AUTHORIZE does not assign
an account name.
/ALGORITHM
/ALGORITHM=keyword=type [=value]
Sets the password encryption algorithm for a user. The keyword
VMS refers to the algorithm used in the operating system version
that is running on your system, whereas a customer algorithm is
one that is added through the $HASH_PASSWORD system service by
a customer site, by a layered product, or by a third party. The
customer algorithm is identified in $HASH_PASSWORD by an integer
in the range of 128 to 255. It must correspond with the number
used in the AUTHORIZE command MODIFY/ALGORITHM. By default,
passwords are encrypted with the VMS algorithm for the current
version of the operating system.
Keyword Function
BOTH Set the algorithm for primary and secondary
passwords.
CURRENT Set the algorithm for the primary, secondary, both,
or no passwords, depending on account status. CURRENT
is the default value.
PRIMARY Set the algorithm for the primary password only.
SECONDARY Set the algorithm for the secondary password only.
The following table lists password encryption algorithms:
Type Definition
VMS The algorithm used in the version of the operating
system that is running on your system.
CUSTOMER A numeric value in the range of 128 to 255 that
identifies a customer algorithm.
The following example selects the VMS algorithm for Sontag's
primary password:
UAF> MODIFY SONTAG/ALGORITHM=PRIMARY=VMS
If you select a site-specific algorithm, you must give a value to
identify the algorithm, as follows:
UAF> MODIFY SONTAG/ALGORITHM=CURRENT=CUSTOMER=128
/ASTLM
/ASTLM=value
Specifies the AST queue limit, which is the total number of
asynchronous system trap (AST) operations and scheduled wake-up
requests that the user can have queued at one time. The default
is 40 on VAX systems and 250 on Alpha systems.
/BATCH
/BATCH[=(range[,...])]
Specifies the hours of access permitted for batch jobs. For
a description of the range specification, see the /ACCESS
qualifier. By default, a user can submit batch jobs any time.
/BIOLM
/BIOLM=value
Specifies a buffered I/O count limit for the BIOLM field of the
UAF record. The buffered I/O count limit is the maximum number
of buffered I/O operations, such as terminal I/O, that can be
outstanding at one time. The default is 40 on VAX systems and 150
on Alpha systems.
/BYTLM
/BYTLM=value
Specifies the buffered I/O byte limit for the BYTLM field of the
UAF record. The buffered I/O byte limit is the maximum number
of bytes of nonpaged system dynamic memory that a user's job
can consume at one time. Nonpaged dynamic memory is used for
operations such as I/O buffering, mailboxes, and file-access
windows. The default is 32768 on VAX systems and 64000 on Alpha
systems.
/CLI
/CLI=cli-name
Specifies the name of the default command language interpreter
(CLI) for the CLI field of the UAF record. The cli-name is a
string of 1 to 31 alphanumeric characters and should be either
DCL or MCR. The default is DCL. This setting is ignored for
network jobs.
/CLITABLES
/CLITABLES=filespec
Specifies user-defined CLI tables for the account. The
filespec can contain 1 to 31 characters. The default is
SYS$LIBRARY:DCLTABLES. Note that this setting is ignored for
network jobs to guarantee that the system-supplied command
procedures used to implement network objects function properly.
/CPUTIME
/CPUTIME=time
Specifies the maximum process CPU time for the CPU field of the
UAF record. The maximum process CPU time is the maximum amount of
CPU time a user's process can take per session. You must specify
a delta time value. For a discussion of delta time values, see
the OpenVMS User's Manual. The default is 0, which means an
infinite amount of time.
/DEFPRIVILEGES
/DEFPRIVILEGES=([NO]privname[,...])
Specifies default privileges for the user; that is, those enabled
at login time. A NO prefix removes a privilege from the user. By
specifying the keyword [NO]ALL with the /DEFPRIVILEGES qualifier,
you can disable or enable all user privileges. The default
privileges are TMPMBX and NETMBX. Privname is the name of the
privilege.
/DEVICE
/DEVICE=device-name
Specifies the name of the user's default device at login. The
device-name is a string of 1 to 31 alphanumeric characters. If
you omit the colon from the device-name value, AUTHORIZE appends
a colon. The default device is SYS$SYSDISK.
If you specify a logical name as the device-name (for example,
DISK1: for DUA1:), you must make an entry for the logical name in
the LNM$SYSTEM_TABLE in executive mode by using the DCL command
DEFINE/SYSTEM/EXEC.
/DIALUP
/DIALUP[=(range[,...])]
Specifies hours of access permitted for dialup logins. For
a description of the range specification, see the /ACCESS
qualifier. The default is full access.
/DIOLM
/DIOLM=value
Specifies the direct I/O count limit for the DIOLM field of the
UAF record. The direct I/O count limit is the maximum number
of direct I/O operations (usually disk) that can be outstanding
at one time. The default is 40 on VAX systems and 150 on Alpha
systems.
/DIRECTORY
/DIRECTORY=directory-name
Specifies the default directory name for the DIRECTORY field of
the UAF record. The directory-name can be 1 to 39 alphanumeric
characters. If you do not enclose the directory name in brackets,
AUTHORIZE adds the brackets for you. The default directory name
is [USER].
/ENQLM
/ENQLM=value
Specifies the lock queue limit for the ENQLM field of the UAF
record. The lock queue limit is the maximum number of locks that
can be queued by the user at one time. The default is 200 on VAX
systems and 2000 on Alpha systems.
/EXPIRATION
/EXPIRATION=time (default)
/NOEXPIRATION
Specifies the expiration date and time of the account. The
/NOEXPIRATION qualifier removes the expiration date on the
account or resets the expiration time for expired accounts.
The default expiration time period is 90 days for nonprivileged
users.
/FILLM
/FILLM=value
Specifies the open file limit for the FILLM field of the UAF
record. The open file limit is the maximum number of files that
can be open at one time, including active network logical links.
The default is 300 on VAX systems and 100 on Alpha systems.
/FLAGS
/FLAGS=([NO]option[,...])
Specifies login flags for the user. The prefix NO clears the
flag. The options are as follows:
AUDIT Enables or disables mandatory security
auditing for a specific user. By default,
the system does not audit the activities of
specific users (NOAUDIT).
AUTOLOGIN Restricts the user to the automatic login
mechanism when logging in to an account.
When set, the flag disables login by any
terminal that requires entry of a user name
and password. The default is to require a user
name and password (NOAUTOLOGIN).
CAPTIVE Prevents the user from changing any defaults
at login, for example, /CLI or /LGICMD. It
prevents the user from escaping the captive
login command procedure specified by the
/LGICMD qualifier and gaining access to the
DCL command level. See Guidelines for Captive
Command Procedures in the OpenVMS Guide to
System Security.
The CAPTIVE flag also establishes an
environment where Ctrl/Y interrupts are
initially turned off; however, command
procedures can still turn on Ctrl/Y
interrupts with the DCL command SET CONTROL=Y.
By default, an account is not captive
(NOCAPTIVE).
DEFCLI Restricts the user to the default command
interpreter by prohibiting the use of the /CLI
qualifier at login; the MCR command can still
be used. By default, a user can choose a CLI
(NODEFCLI).
DISCTLY Establishes an environment where Ctrl/Y
interrupts are initially turned off and are
invalid until a SET CONTROL=Y is encountered.
This could happen in SYLOGIN.COM or in a
procedure called by SYLOGIN.COM. Once a SET
CONTROL=Y is executed (which requires no
privilege), a user can enter a Ctrl/Y and
reach the DCL prompt ($). If the intent of
DISCTLY is to force execution of the login
command files, then SYLOGIN.COM should issue
the DCL command SET CONTROL=Y to turn on Ctrl
/Y interrupts before exiting. By default, Ctrl
/Y is enabled (NODISCTLY).
DISFORCE_PWD_ Removes the requirement that a user must
CHANGE change an expired password at login. By
default, a person can use an expired password
only once (NODISFORCE_PWD_CHANGE) and then
is forced to change the password after
logging in. If the user does not select a
new password, the user is locked out of the
system.
To use this feature, set a password expiration
date with the /PWDLIFETIME qualifier.
DISIMAGE Prevents the user from executing RUN, MCR,
and foreign commands. By default, a user
can execute RUN, MCR, and foreign commands
(NODISIMAGE).
DISMAIL Disables mail delivery to the user. By
default, mail delivery is enabled (NODISMAIL).
DISNEWMAIL Suppresses announcements of new mail at login.
By default, the system announces new mail
(NODISNEWMAIL).
DISPWDDIC Disables automatic screening of new passwords
against a system dictionary. By default,
passwords are automatically screened
(NODISPWDDIC).
DISPWDHIS Disables automatic checking of new passwords
against a list of the user's old passwords.
By default, the system screens new passwords
(NODISPWDHIS).
DISRECONNECT Disables automatic reconnection to an existing
process when a terminal connection has
been interrupted. By default, automatic
reconnection is enabled (NODISRECONNECT).
DISREPORT Suppresses reports of the last login time,
login failures, and other security reports.
By default, login information is displayed
(NODISREPORT).
DISUSER Disables the account so the user cannot log
in. For example, the DEFAULT account is
disabled. By default, an account is enabled
(NODISUSER).
DISWELCOME Suppresses the welcome message (an
informational message displayed during a local
login). This message usually indicates the
version number of the operating system that is
running and the name of the node on which the
user is logged in. By default, a system login
message appears (NODISWELCOME).
EXTAUTH Considers user to be authenticated by an
external user name and password, not by the
SYSUAF user name and password. (The system
still uses the SYSUAF record to check a user's
login restrictions and quotas and to create
the user's process profile.)
GENPWD Restricts the user to generated passwords.
By default, users choose their own passwords
(NOGENPWD).
LOCKPWD Prevents the user from changing the password
for the account. By default, users can change
their passwords (NOLOCKPWD).
PWD_EXPIRED Marks a password as expired. The user cannot
log in if this flag is set. The LOGINOUT.EXE
image sets the flag when both of the following
conditions exist: a user logs in with the
DISFORCE_PWD_CHANGE flag set, and the user's
password expires. A system manager can clear
this flag. By default, passwords are not
expired after login (NOPWD_EXPIRED).
PWD2_EXPIRED Marks a secondary password as expired. Users
cannot log in if this flag is set. The
LOGINOUT.EXE image sets the flag when both
of the following conditions exist: a user logs
in with the DISFORCE_PWD_CHANGE flag set, and
the user's password expires. A system manager
can clear this flag. By default, passwords
are not set to expire after login (NOPWD2_
EXPIRED).
RESTRICTED Prevents the user from changing any defaults
at login (for example, by specifying /LGICMD)
and prohibits user specification of a CLI
with the /CLI qualifier. The RESTRICTED
flag establishes an environment where Ctrl/Y
interrupts are initially turned off; however,
command procedures can still turn on Ctrl/Y
interrupts with the DCL command SET CONTROL=Y.
Typically, this flag is used to prevent an
applications user from having unrestricted
access to the CLI. By default, a user can
change defaults (NORESTRICTED).
/GENERATE_PASSWORD
/GENERATE_PASSWORD[=keyword]
/NOGENERATE_PASSWORD (default)
Invokes the password generator to create user passwords.
Generated passwords can consist of 1 to 10 characters. Specify
one of the following keywords:
BOTH Generate primary and secondary passwords.
CURRENT Do whatever the DEFAULT account does (for example,
generate primary, secondary, both, or no passwords).
This is the default keyword.
PRIMARY Generate primary password only.
SECONDARY Generate secondary password only.
When you modify a password, the new password expires
automatically; it is valid only once (unless you specify
/NOPWDEXPIRED). On login, users are forced to change their
passwords (unless you specify /FLAGS=DISFORCE_PWD_CHANGE).
Note that the /GENERATE_PASSWORD and /PASSWORD qualifiers are
mutually exclusive.
/INTERACTIVE
/INTERACTIVE[ =(range[,...])]
/NOINTERACTIVE
Specifies the hours of access for interactive logins. For
a description of the range specification, see the /ACCESS
qualifier. By default, there are no access restrictions on
interactive logins.
/JTQUOTA
/JTQUOTA=value
Specifies the initial byte quota with which the jobwide logical
name table is to be created. By default, the value is 4096 on VAX
systems and 4096 on Alpha systems.
/LGICMD
/LGICMD=filespec
Specifies the name of the default login command file. The file
name defaults to the device specified for /DEVICE, the directory
specified for /DIRECTORY, a file name of LOGIN, and a file type
of .COM. If you select the defaults for all these values, the
file name is SYS$SYSTEM:[USER]LOGIN.COM.
/LOCAL
/LOCAL[=(range[,...])]
Specifies hours of access for interactive logins from local
terminals. For a description of the range specification, see the
/ACCESS qualifier. By default, there are no access restrictions
on local logins.
/MAXACCTJOBS
/MAXACCTJOBS=value
Specifies the maximum number of batch, interactive, and detached
processes that can be active at one time for all users of the
same account. By default, a user has a maximum of 0, which
represents an unlimited number.
/MAXDETACH
/MAXDETACH=value
Specifies the maximum number of detached processes with the cited
user name that can be active at one time. To prevent the user
from creating detached processes, specify the keyword NONE. By
default, a user has a value of 0, which represents an unlimited
number.
/MAXJOBS
/MAXJOBS=value
Specifies the maximum number of processes (interactive, batch,
detached, and network) with the cited user name that can be
active simultaneously. The first four network jobs are not
counted. By default, a user has a maximum value of 0, which
represents an unlimited number.
/MODIFY_IDENTIFIER
/MODIFY_IDENTIFIER (default)
/NOMODIFY_IDENTIFIER
Specifies whether the identifier associated with the user is
to be modified in the rights database. This qualifier applies
only when you modify the UIC or user name in the UAF record. By
default, the associated identifiers are modified.
/NETWORK
/NETWORK[=(range[,...])]
Specifies hours of access for network batch jobs. For a
description of how to specify the range, see the /ACCESS
qualifier. By default, network logins have no access
restrictions.
/OWNER
/OWNER=owner-name
Specifies the name of the owner of the account. You can use this
name for billing purposes or similar applications. The owner name
is 1 to 31 characters. No default owner name exists.
/PASSWORD
/PASSWORD=(password1[,password2])
/NOPASSWORD
Specifies up to two passwords for login. Passwords can be
from 0 to 32 characters in length and can include alphanumeric
characters, dollar signs, and underscores. Avoid using the word
password as the actual password. Use the /PASSWORD qualifier as
follows:
o To set only the first password and clear the second, specify
/PASSWORD=password.
o To set both the first and second password, specify
/PASSWORD=(password1, password2).
o To change the first password without affecting the second,
specify /PASSWORD=(password, "").
o To change the second password without affecting the first,
specify /PASSWORD=("", password).
o To set both passwords to null, specify /NOPASSWORD.
When you modify a password, the new password expires
automatically; it is valid only once (unless you specify
/NOPWDEXPIRED). On login, the user is forced to change the
password (unless you specify /FLAGS=DISFORCE_PWD_CHANGE).
Note that the /GENERATE_PASSWORD and /PASSWORD qualifiers are
mutually exclusive.
/PBYTLM
This flag is reserved for Digital.
/PGFLQUOTA
/PGFLQUOTA=value
Specifies the paging file limit. This is the maximum number of
pages that the person's process can use in the system paging
file. By default, the value is 32768 pages on VAX systems and
50000 pagelets on Alpha systems.
If decompressing libraries, make sure to set PGFLQUOTA to twice
the size of the library.
/PRCLM
/PRCLM=value
Specifies the subprocess creation limit. This is the maximum
number of subprocesses that can exist at one time for the
specified user's process. By default, the value is 2 on VAX
systems and 8 on Alpha systems.
/PRIMEDAYS
/PRIMEDAYS=([NO]day[,...])
Defines the primary and secondary days of the week for logging
in. Specify the days as a list separated by commas, and enclose
the list in parentheses. To specify a secondary day, prefix the
day with NO (for example, NOFRIDAY). To specify a primary day,
omit the NO prefix.
By default, primary days are Monday through Friday and secondary
days are Saturday and Sunday. If you omit a day from the list,
AUTHORIZE uses the default value. (For example, if you omit
Monday from the list, AUTHORIZE defines Monday as a primary day.)
Use the primary and secondary day definitions in conjunction with
such qualifiers as /ACCESS, /INTERACTIVE, and /BATCH.
/PRIORITY
/PRIORITY=value
Specifies the default base priority. The value is an integer in
the range of 0 to 31 on VAX systems and 0 to 63 on Alpha systems.
By default, the value is set to 4 for timesharing users.
/PRIVILEGES
/PRIVILEGES=([NO]privname[,...])
Specifies which privileges the user is authorized to hold,
although these privileges are not necessarily enabled at login.
(The /DEFPRIVILEGES qualifier determines which ones are enabled.)
A NO prefix removes the privilege from the user. The keyword
NOALL disables all user privileges. Many privileges have varying
degrees of power and potential system impact (see the OpenVMS
Guide to System Security for a detailed discussion). By default,
a user holds TMPMBX and NETMBX privileges. Privname is the name
of the privilege.
/PWDEXPIRED
/PWDEXPIRED (default)
/NOPWDEXPIRED
Specifies the password is valid for only one login. A user must
change a password immediately after login or be locked out of the
system. The system warns users of password expiration. A user can
either specify a new password, with the DCL command SET PASSWORD,
or wait until expiration and be forced to change. By default, a
user must change a password when first logging in to an account.
The default is applied to the account only when the password is
being modified.
/PWDLIFETIME
/PWDLIFETIME=time (default)
/NOPWDLIFETIME
Specifies the length of time a password is valid. Specify a
delta time value in the form [dddd-] [hh:mm:ss.cc]. For example,
for a lifetime of 120 days, 0 hours, and 0 seconds, specify
/PWDLIFETIME="120-". For a lifetime of 120 days 12 hours, 30
minutes and 30 seconds, specify /PWDLIFETIME="120-12:30:30". If
a period longer than the specified time elapses before the user
logs in, the system displays a warning message. The password is
marked as expired.
To prevent a password from expiring, specify the time as NONE. By
default, a password expires in 90 days.
/PWDMINIMUM
/PWDMINIMUM=value
Specifies the minimum password length in characters. Note that
this value is enforced only by the DCL command SET PASSWORD. It
does not prevent you from entering a password shorter than the
minimum length when you use AUTHORIZE to create or modify an
account. By default, a password must have at least 6 characters.
The value specified by the /PWDMINIMUM qualifier conflicts with
the value used by the /GENERATE_PASSWORD qualifier or the DCL
command SET PASSWORD/GENERATE, the operating system chooses the
lesser value. The maximum value for generated passwords is 10.
/QUEPRIO
/QUEPRIO=value
Reserved for future use.
/REMOTE
/REMOTE[=(range[,...])]
Specifies hours during which access is permitted for interactive
logins from network remote terminals (with the DCL command SET
HOST). For a description of the range specification, see the
/ACCESS qualifier. By default, remote logins have no access
restrictions.
/SHRFILLM
/SHRFILLM=value
Specifies the maximum number of shared files that the user can
have open at one time. By default, the system assigns a value of
0, which represents an infinite number.
/TQELM
Specifies the total number of entries in the timer queue plus the
number of temporary common event flag clusters that the user can
have at one time. By default, a user can have 10.
/UIC
/UIC=value
Specifies the user identification code (UIC). The UIC value is
a group number in the range from 1 to 37776 (octal) and a member
number in the range from 0 to 177776 (octal), which are separated
by a comma and enclosed in brackets. Digital reserves group 1 and
groups 300-377 for its own use.
Each user must have a unique UIC. By default, the UIC value is
[200,200].
/WSDEFAULT
/WSDEFAULT=value
Specifies the default working set limit. This represents the
initial limit to the number of physical pages the process can
use. (The user can alter the default quantity up to WSQUOTA with
the DCL command SET WORKING_SET.) By default, a user has 256
pages on VAX systems and 2000 pagelets on Alpha systems.
The value cannot be greater than WSMAX. This quota value replaces
smaller values of PQL_MWSDEFAULT.
/WSEXTENT
/WSEXTENT=value
Specifies the working set maximum. This represents the maximum
amount of physical memory allowed to the process. The system
provides memory to a process beyond its working set quota only
when it has excess free pages. The additional memory is recalled
by the system if needed.
The value is an integer equal to or greater than WSQUOTA. By
default, the value is 1024 pages on VAX systems and 16384
pagelets on Alpha systems. The value cannot be greater than
WSMAX. This quota value replaces smaller values of PQL_MWSEXTENT.
/WSQUOTA
/WSQUOTA=value
Specifies the working set quota. This is the maximum amount of
physical memory a user process can lock into its working set. It
also represents the maximum amount of swap space that the system
reserves for this process and the maximum amount of physical
memory that the system allows the process to consume if the
systemwide memory demand is significant.
The value cannot be greater than the value of WSMAX and cannot
exceed 64K pages. This quota value replaces smaller values of
PQL_MWSQUOTA.
2 Examples
1.UAF> MODIFY ROBIN /PASSWORD=SP0172
%UAF-I-MDFYMSG, user record(s) updated
The command in this example changes the password for user ROBIN
without altering any other values in the record.
2.UAF> MODIFY ROBIN/FLAGS=RESTRICTED
%UAF-I-MDFYMSG, user record(s) updated
The command in this example modifies the UAF record for user
ROBIN by adding the login flag RESTRICTED.
2 /IDENTIFIER
Modifies an identifier name, its associated value, or its
attributes in the rights database.
Format
MODIFY/IDENTIFIER id-name
3 Parameter
id-name
Specifies the name of an identifier to be modified.
3 Qualifiers
/ATTRIBUTES
/ATTRIBUTES=(keyword[,...])
Specifies attributes to be associated with the modified
identifier. The following are valid keywords:
DYNAMIC Allows unprivileged holders of the identifier
to remove and to restore the identifier from
the process rights list by using the DCL
command SET RIGHTS_LIST.
HOLDER_HIDDEN Prevents people from getting a list of users
who hold an identifier, unless they own the
identifier themselves.
NAME_HIDDEN Allows holders of an identifier to have it
translated, either from binary to ASCII
or from ASCII to binary, but prevents
unauthorized users from translating the
identifier.
NOACCESS Makes any access rights of the identifier null
and void. If a user is granted an identifier
with the No Access attribute, that identifier
has no effect on the user's access rights
to objects. This attribute is a modifier for
an identifier with the Resource or Subsystem
attribute.
RESOURCE Allows holders of an identifier to charge disk
space to the identifier. Used only for file
objects.
SUBSYSTEM Allows holders of the identifier to create and
maintain protected subsystems by assigning the
Subsystem ACE to the application images in the
subsystem. Used only for file objects.
To remove an attribute from the identifier, add a NO prefix
to the attribute keyword. For example, to remove the Resource
attribute, specify /ATTRIBUTES=NORESOURCE.
NOTE
If you specify the NORESOURCE keyword without naming any
holder with the /HOLDER qualifier, all holders lose the
right to charge resources.
/HOLDER
/HOLDER=username
Specifies the holder of an identifier whose attributes are to be
modified. The /HOLDER qualifier is used only in conjunction with
the /ATTRIBUTES qualifier.
If you specify /HOLDER, the /NAME and /VALUE qualifiers are
ignored.
/NAME
/NAME=new-id-name
Specifies a new identifier name to be associated with the
identifier.
/VALUE
/VALUE=value-specifier
Specifies a new identifier value. Note that an identifier value
cannot be modified from a UIC to a non-UIC format or vice versa.
The following are valid formats for the value-specifier:
IDENTIFIER:n An integer value in the range of 65,536 to
268,435,455. You can also specify the value
in hexadecimal (precede the value with %X) or
octal (precede the value with %O).
To differentiate general identifiers from UIC
identifiers, %X80000000 is added to the value
you specify.
UIC:uic A UIC value in the standard UIC format.
3 Examples
1.UAF> MODIFY/IDENTIFIER OLD_ID /NAME=NEW_ID
%UAF-I-RDBMDFYMSG, identifier OLD_ID modified
The command in this example changes the name of the OLD_ID
identifier to NEW_ID.
2.UAF> MODIFY/IDENTIFIER/VALUE=UIC:[300,21] ACCOUNTING
%UAF-I-RDBMDFYMSG, identifier ACCOUNTING modified
The command in this example changes the old UIC value of the
identifier ACCOUNTING to a new value.
3.UAF> MODIFY/IDENTIFIER/ATTRIBUTES=NORESOURCE-
_UAF> /HOLDER=CRAMER ACCOUNTING
%UAF-I-RDBMDFYMSG, identifier ACCOUNTING modified
The command in this example associates the attribute NORESOURCE
with the identifier ACCOUNTING in CRAMER's holder record. The
identifier ACCOUNTING is not changed.
2 /PROXY
Modifies an entry in the network proxy authorization file to
specify a different local account as the default proxy account
for the remote user or to specify no default proxy account for
the remote user.
The command modifies an entry in the network proxy authorization
file NET$PROXY.DAT and, to maintain compatibility with other
systems, modifies an entry in NETPROXY.DAT.
NOTE
You must modify the proxy database from a system running the
current OpenVMS system.
Format
MODIFY/PROXY node::remote-user
3 Parameters
node
Specifies a node name. If you specify an asterisk wildcard
character (*), the specified remote user on all nodes is served
by the local user.
remote-user
Specifies the user name of a user at a remote node. If you
specify an asterisk wildcard character, all users at the
specified node are served by the local user.
For systems that are not OpenVMS systems that implement DECnet,
specifies the UIC of a user at a remote node. You can specify an
asterisk wildcard in the group and member fields of the UIC.
3 Qualifier
/DEFAULT
/DEFAULT[=local-user]
/NODEFAULT
Designates the default user name on the local node through which
proxy access from the remote user is directed. If /NODEFAULT is
specified, removes the default designation.
3 Example
UAF> MODIFY/PROXY MISHA::MARCO /DEFAULT=JOHNSON
%UAF-I-NAFADDMSG, record successfully modified in NETPROXY.DAT
The command in this example changes the default proxy account
for user MARCO on the remote node MISHA to the JOHNSON account.
2 /SYSTEM_PASSWORD
Changes the systemwide password (which, however, is different
from the password for the SYSTEM username). This command operates
similarly to the DCL command SET PASSWORD/SYSTEM.
Format
MODIFY/SYSTEM_PASSWORD=system-password
3 Parameter
system-password
Specifies the new systemwide password.
3 Example
UAF> MODIFY/SYSTEM_PASSWORD=ABRACADABRA
UAF>
This command changes the systemwide password to ABRACADABRA.