Bay Networks 6300 Supplement Manual page 294
Supplement to the remote annex administrator’s guide for unix
Hide thumbs
Also See for 6300:
- Hardware installation manual (138 pages) ,
- Quick start manual (60 pages) ,
- Ordering manual (2 pages)
Table of Contents
Advertisement
Chapter 15
Using RA 6300 Security
Remote Annex 6300 Supplement to the Remote Annex Administrator's Guide for UNIX
A-266
Following are sample acp_userinfo entries, including nve_filter
information, for two users. User frick is allowed access only to the
resources of her office Macintosh named Frick CPU. User frack cannot
access frick's machine, nor is she allowed access to any sales resources.
user username=frick
at_passwd klot
at_nve_filter include Frick\CPU:*@eng end
end
user username=frack
at_passwd curly
at_nve_filter exclude Frick*:*@ *:*@sales end
end
Like all other acp_userinfo entries, nve_filter information is syntax-
checked by erpcd. Any errors cause the entire filter to be discarded, and
an error message is generated.
This method of limiting NBP traffic is not secure, and can be
circumvented by a person willing to write code to probe the network
without using NBP. Also, this feature has no local RA 6300 security
equivalent.
at_passwd
Each registered AppleTalk user (as opposed to a guest) must have a
password defined in the acp_userinfo file. The definition can be for a
single user or for conditions that meet profile criteria (e.g., membership
in a group).
Table A-34
the acp_userinfo file. The syntax is:
at_passwd string
defines the argument for the at_passwd entry in
Book A
Advertisement
Table of Contents
