8.2.2 Setting JP1 users (linked users)
This subsection describes how to set JP1 users (linked users) to whom login authentication is performed from the directory server. To set JP1 users, you can use the GUI or commands to register and delete JP1 users who use JP1/IM or JP1/AJS. The JP1 users you register here will be used for login from JP1/IM - View or JP1/AJS - View. Unless otherwise specified, JP1 user means JP1 user (linked user) in this subsection.
JP1 users must be set only from a host that is an authentication server (a primary authentication server). For JP1/Base version 8 or earlier, you cannot set a linked user. Use JP1/Base 9 or later to set JP1 users.
The JP1/Base service must be running before you set JP1 users. If the JP1/Base service is inactive, start the service before attempting to set JP1 users.
The setup procedure is shown below for JP1 users when performed both from the GUI and by using commands.
- Organization of this subsection
(1) Using the GUI to set JP1 users
You can set JP1 users in the JP1 user area in the Authentication Server page of the JP1/Base Environment Settings dialog box.
To set information in the JP1 user area, you must activate it first. To do this, select (highlight) an authentication server in the Authentication Server field in the Order of authentication server area. Note, however, that the JP1 user area remains dimmed if:
-
You change an authentication server in the Order of authentication server area and the Apply button is active
-
The selected (highlighted) authentication server is blocked
If the Apply button is active, click the button. If the selected authentication server is blocked, clear that status as described in 8.4 Setup for handling the blocked status (using a secondary authentication server).
Click the Add button to display the JP1 User dialog box.
|
|
![[Figure]](GRAPHICS/ZU061100.GIF)
In this dialog box, specify a JP1 user. Enter the JP1 user name to be registered, and select the Link to the directory server check box. You do not need to enter a password. Make sure that the JP1 user name to be registered is different from the standard user name. You must use lower-case alphanumeric characters to specify a JP1 user name. If you use upper-case characters, they are automatically converted into lower-case characters.
The following table lists the limit on the number of characters that can be specified for the JP1 user name.
|
Item |
Number of bytes |
Prohibited characters |
|---|---|---|
|
JP1 user name |
1 to 31 bytes |
* / \ " ' ^ [ ] { } ( ) : ; | = , + ? < > spaces and tabs |
When you click the OK or Cancel button, the Authentication Server page comes to the front.
The registered JP1 user name appears in the User field. For a linked user, DS is displayed in the Linkage field.
To delete a JP1 user name listed in the User field, select the user name and click the Delete button. The selected JP1 user is deleted.
(2) Using commands to set JP1 users
You can use commands to register and delete JP1 users. JP1/Base also supports a command that lists the registered JP1 users. For details on the commands, see 15. Commands.
- Registering a JP1 user:
-
To register a JP1 user on the authentication server, execute the following command:
jbsadduser -ds JP1-user-name
For JP1-user-name, use lower-case characters. Table 8-4 lists the specifiable characters for the JP1 user name.
- Changing the password of a JP1 user:
-
You cannot change the password of a linked user in JP1/Base. Change the password from the directory server.
- Deleting a JP1 user:
-
To delete a registered JP1 user, execute the following command:
jbsrmuser JP1-user-name
- Listing registered JP1 users:
-
To list the registered JP1 users (standard users and linked users), execute the following command:
jbslistuser
To list only the registered linked users, execute the following command:
jbslistuser -ds
(3) Password for a linked user
Passwords for linked users are managed on the directory server, the specifiable characters are the same as those for standard users. The passwords are case-sensitive. The specifiable characters for a password are shown below:
-
Byte string (6 to 32 bytes)
-
Prohibited characters: \ " : and spaces and tabs
If the number of bytes of a password registered on the directory server in not within the predefined range, or a prohibited character is used in the password, user authentication will fail.