SEARCH CONTACT US SUPPORT SERVICES PRODUCTS STORE
United States    
COMPAQ STORE | PRODUCTS | SERVICES | SUPPORT | CONTACT US | SEARCH
gears
compaq support options
support home
software & drivers
ask Compaq
reference library
support forum
frequently asked questions
support tools
warranty information
service centers
contact support
product resources
parts for your system
give us feedback
associated links
.
} what's new
.
} contract access
.
} browse patch tree
.
} search patches
.
} join mailing list
.
} feedback
.
patches by topic
.
} DOS
.
} OpenVMS
.
} Security
.
} Tru64 Unix
.
} Ultrix 32
.
} Windows
.
} Windows NT
.
connection tools
.
} nameserver lookup
.
} traceroute
.
} ping 

OpenVMS VAXLOGI06_071 OpenVMS VAX V7.1 LOGINOUT ECO Summary


TITLE: OpenVMS VAXLOGI06_071 OpenVMS VAX V7.1 LOGINOUT ECO Summary
 
Modification Date:  04-AUG-98
Modification Type:  Updated Kit:  Supersedes VAXLOGI05_071

NOTE:  An OpenVMS saveset or PCSI installation file is stored
       on the Internet in a self-expanding compressed file.
       The name of the compressed file will be kit_name-dcx_vaxexe
       for OpenVMS VAX or kit_name-dcx_axpexe for OpenVMS Alpha.
 
       Once the file is copied to your system, it can be expanded
       by typing RUN compressed_file.  The resultant file will
       be the OpenVMS saveset or PCSI installation file which
       can be used to install the ECO.
 
Copyright (c) Compaq Computer Corporation 1998.  All rights reserved.

PRODUCT:    DIGITAL OpenVMS VAX

COMPONENT:  LOGINOUT

SOURCE:     Compaq Computer Corporation

ECO INFORMATION:

     ECO Kit Name:  VAXLOGI06_071
     ECO Kits Superseded by This ECO Kit: VAXLOGI05_071
                                          VAXLOGI04_071
                                          VAXLOGI03_071 
                                          VAXLOGI02_071
                                          VAXLOGI01_071
     ECO Kit Approximate Size:  504 Blocks
     Kit Applies To:  OpenVMS VAX V7.1
     System/Cluster Reboot Necessary:  No
     Installation Rating:   1 - To be installed on all systems running
                                the listed version(s) of OpenVMS.

     Kit Dependencies:

       The following remedial kit(s) must be installed BEFORE
       installation of this kit:

         None 

       In order to receive all the corrections listed in this
       kit, the following remedial kits should also be installed:

         None 


ECO KIT SUMMARY:

An ECO kit exists for LOGINOUT.EXE on OpenVMS VAX V7.1.  This kit 
addresses the following problems:

Problems Addressed in VAXLOGI06_071:

  o  Blanks must be stripped from a password prior to OpenVMS
     password validation, which requires a conditioned password
     string (i.e., one that has blanks and control characters
     removed and alphabetic characters uppercased).  The
     blank-stripping feature was broken in OpenVMS V7.1.

     The problem occurred for interactive login (character cell and
     DECwindows), OpenVMS and external authentication logins, and
     network logins.


Problems Addressed in VAXLOGI05_071:

  o  SYS$OUTPUT logical name  for  network  logins  using  external
     authentication was not protected.


Problems Addressed in VAXLOGI04_071:

  o  Previous to  this  change,  when  external  authentication  was
     enabled   and   the   external   authentication   service   was     
     unavailable, logins at the console (OPA0) would  succeed  using    
     any  combination  of  username  and password, regardless of the    
     state of the UAF flag EXTAUTH, just as if the  SYSUAF.DAT  file    
     was unavailable or corrupt.                                        
                                                                    
     With this change, if external authentication is enabled and the    
     external  authentication  service is unavailable, logins at the    
     console will fall-back to SYSUAF-based authentication.  In this    
     situation,  logins  will  be  allowed  to any valid VMS account    
     whether or  not  tagged  EXTAUTH.   (Allowing  local  emergency    
     logins  to  EXTAUTH accounts satisfies those sites who may have    
     tagged the SYSTEM or operator's account EXTAUTH.)                  


Problems Addressed in VAXLOGI03_071:

  o  Unless explicitly permitted by the system manager, a  user  who
     is  flagged for "external authentication" should not be able to
     perform  a  network  login  when  the  external  authentication
     returns SS$_INVUSER.

  o  Uppercasing the username and  password  breaks  DCE  integrated
     login.   External  authentication  allows username and password
     fields to to be case-sensitive.  In the case  of  LAN  Manager,
     usernames  are  case-insensitive, passwords are case-sensitive.
     These fields must have their case preserved throughout LOGINOUT
     except when being used to lookup records in the SYSUAF file for
     standard OpenVMS username/password validation.


Problems addressed in VAXLOGI02_071:

  o  Incorrect User Authorization failures when trying to log on to
     a system.


Problems Addressed in VAXLOGI01_071 KIT

  o  User account gets DISUSER flag set when no intrusions are present.


INSTALLATION NOTES:
                                                                   
No reboot is necessary after successful installation of this kit.       
                                                                   
If you have other nodes in your VMScluster, they should be rebooted     
or this kit should be installed on each of them in order to make use 
of the new image.

This patch can be found at any of these sites:

Colorado Site
Georgia Site


Files on this server are as follows:

vaxlogi06_071.README
vaxlogi06_071.CHKSUM
vaxlogi06_071.CVRLET_TXT
vaxlogi06_071.a-dcx_vaxexe

privacy and legal statement