Australia - Updated: 24-SEP-2003
hp.com home products and services support and drivers solutions how to buy
» contact hp
hp.com home hp OpenVMS ECOs

IMPORTANT NOTICE

The online distribution of OpenVMS and related product patches is being migrated to the HP ITRC (Information Technology Resource Center) patch distribution site. The new ITRC patch server will allow OpenVMS customers to take advantage of many enhanced features for patch searching and distribution.

Beginning August 1, 2003, OpenVMS and related Layered Product, publicly available patches will be available from the HP ITRC web site at

http://itrc.hp.com/service/patch/mainPage.do

The same patches will still be available from the existing patch server in Colorado Springs (http://www.support.compaq.com/patches/) through the end of October 2003, to give customers sufficient time to update their bookmarks and make the transition to the HP ITRC web site.

ECO kits will also be available by raw FTP from (ftp://ftp.itrc.hp.com/).

PLEASE UPDATE YOUR BOOKMARKS AND REGISTER ON THE NEW SITE NOW

Note: if you're having trouble connecting to the ITRC site, please delete any cookies for "itrc.hp.com" from your browser and try again. Report any difficulties with or suggestions to MrVMS

» Sydney CSC home page

Navigation
» ECOinfo main index
» Search ECOs
» Search FTP site
» Browse FTP site

ECO Indexes
» Chronological Index
» Indexed by Version
» Indexed by Rating
» Alpha Indexed by Name
» VAX Indexed by Name
» On Hold List

Associated Links
» OpenVMS Home Page
» OpenVMS News
» DIA/WIS Web Service

Feedback
» mail to CSC
.
Sydney Customer Support Centre
Contact Numbers
Australia: 13 11 47 
New Zealand 0800 449 552 
Sydney Customer Support Centre OpenVMS ECO information
    Updated: 24-SEP-2003 (Use your browsers' Reload button to ensure you're viewing the most recent version)

VAXLOGI06_071 OpenVMS VAX V7.1 LOGINOUT ECO Summary

To obtain this kit please call the Customer Support Centre or use the FTP site

Search for this ECO kit and dependencies
Search the Compaq FTP web site this kit (exact match)
Search the Compaq FTP web site this or related ECOs 

    

Copyright (c) Compaq Computer Corporation 1998.  All rights reserved.

Modification Date:  04-AUG-98
Modification Type:  Updated Kit:  Supersedes VAXLOGI05_071

PRODUCT:    DIGITAL OpenVMS VAX

COMPONENT:  LOGINOUT

SOURCE:     Compaq Computer Corporation

ECO INFORMATION:

     ECO Kit Name:  VAXLOGI06_071
     ECO Kits Superseded by This ECO Kit: VAXLOGI05_071
                                          VAXLOGI04_071
                                          VAXLOGI03_071
                                          VAXLOGI02_071
                                          VAXLOGI01_071
     ECO Kit Approximate Size:  504 Blocks
     Kit Applies To:  OpenVMS VAX V7.1
     System/Cluster Reboot Necessary:  No
     Installation Rating:   1 - To be installed on all systems running
                                the listed version(s) of OpenVMS.

     Kit Dependencies:

       The following remedial kit(s) must be installed BEFORE
       installation of this kit:

         None

       In order to receive all the corrections listed in this
       kit, the following remedial kits should also be installed:

         None


ECO KIT SUMMARY:

An ECO kit exists for LOGINOUT.EXE on OpenVMS VAX V7.1.  This kit
addresses the following problems:

Problems Addressed in VAXLOGI06_071:

  o  Blanks must be stripped from a password prior to OpenVMS
     password validation, which requires a conditioned password
     string (i.e., one that has blanks and control characters
     removed and alphabetic characters uppercased).  The
     blank-stripping feature was broken in OpenVMS V7.1.

     The problem occurred for interactive login (character cell and
     DECwindows), OpenVMS and external authentication logins, and
     network logins.


Problems Addressed in VAXLOGI05_071:

  o  SYS$OUTPUT logical name  for  network  logins  using  external
     authentication was not protected.


Problems Addressed in VAXLOGI04_071:

  o  Previous to  this  change,  when  external  authentication  was
     enabled   and   the   external   authentication   service   was
     unavailable, logins at the console (OPA0) would  succeed  using
     any  combination  of  username  and password, regardless of the
     state of the UAF flag EXTAUTH, just as if the  SYSUAF.DAT  file
     was unavailable or corrupt.

     With this change, if external authentication is enabled and the
     external  authentication  service is unavailable, logins at the
     console will fall-back to SYSUAF-based authentication.  In this
     situation,  logins  will  be  allowed  to any valid VMS account
     whether or  not  tagged  EXTAUTH.   (Allowing  local  emergency
     logins  to  EXTAUTH accounts satisfies those sites who may have
     tagged the SYSTEM or operator's account EXTAUTH.)


Problems Addressed in VAXLOGI03_071:

  o  Unless explicitly permitted by the system manager, a  user  who
     is  flagged for "external authentication" should not be able to
     perform  a  network  login  when  the  external  authentication
     returns SS$_INVUSER.

  o  Uppercasing the username and  password  breaks  DCE  integrated
     login.   External  authentication  allows username and password
     fields to to be case-sensitive.  In the case  of  LAN  Manager,
     usernames  are  case-insensitive, passwords are case-sensitive.
     These fields must have their case preserved throughout LOGINOUT
     except when being used to lookup records in the SYSUAF file for
     standard OpenVMS username/password validation.


Problems addressed in VAXLOGI02_071:

  o  Incorrect User Authorization failures when trying to log on to
     a system.


Problems Addressed in VAXLOGI01_071 KIT

  o  User account gets DISUSER flag set when no intrusions are present.


RELATED ARTICLES:

Detailed articles describing the problems listed above may exist in
the OPENVMS database.  To view these articles, open the appropriate
product database and perform a query using either of the following
search strings: 'VAXLOGI06_071' or 'VAXLOGI'.


ECO KIT ORDERING INSTRUCTIONS:

If after an evaluation you wish to obtain this kit, request it
electronically using the appropriate Advanced Electronic Services
(AES) Service Tool.  If you are not familiar with how to request
kits electronically, open the DIA, WIS or DSNLINK database and
review the article entitled:

     [AES] How To Electronically Request ECO Kits Using Service Tools


INSTALLATION NOTES:

No reboot is necessary after successful installation of this kit.

If you have other nodes in your VMScluster, they should be rebooted
or this kit should be installed on each of them in order to make use
of the new image.
  
  ==========================================================================
  |                     Table of Kit Image Information                     |
  +----------------------------+----------+-----------------+--------------+
  |                            | Overall  | Image File      | Image Link   |
  | Image Name                 | Checksum | Identification  | Date/Time    |
  +----------------------------+----------+-----------------+--------------+
  | LOGINOUT.EXE               |%XE52CDEFD| X-39A1          | 22-JUL-1998  |
  |                                       |                 | 08:45:16.08  |
  +----------------------------+----------+-----------------+--------------+
privacy statement using this site means you accept its terms feedback to the webmaster
© 1994-2003 Hewlett-Packard Company
VMS rules VMS rocks OpenVMS rules OpenVMS rocks