OpenTP1 Version 7 User's Guide

[Contents][Index][Back][Next]

2.3 Permission control facility

In Windows, many permissions are granted by default to a user with Administrators group permissions. However, granting too many permissions might have adverse effects on the security of user servers.

OpenTP1 for Windows enables you to control the Windows permissions assigned to a user server. This function is called the permission control facility. You can use this facility to enhance the security of user servers.

If a user server is used to perform operations that require Windows permissions, you can also set permissions individually. For example, if you use the dc_adm_call_command function within a user server, and the process to be executed requires permissions, you must grant the permissions individually to that user server.

The following subsection explains the environment settings required in order to use the permission control facility.

Organization of this section
(1) Environment settings

(1) Environment settings

To use the permission control facility, you must specify the following system definition:

User service definition
  • process_privilege_restrict operand
    Specifies whether the Windows permissions are to be restricted for the user server.
  • process_privilege_name operand
    Specifies the name of the Windows permissions to be granted to the user server.

For details about these operands, see User service definition in 5.3 Details of system definitions.

[Contents][Back][Next]

[Trademarks]

All Rights Reserved. Copyright (C) 2012, Hitachi, Ltd.