8.3.2 Setting JP1 users
This section describes the JP1 users (standard users) for whom user authentication is performed from the authentication server. JP1 users must be set only from the hosts that are authentication servers (the primary authentication servers).
When an attempt is made to register a JP1 user or to change a JP1 user's password, the authentication server uses the password policy definitions to check the specified password. If the specified password is not compliant with the password policy, the authentication server outputs a warning message to the integrated trace log. By referring to the integrated trace log, you can identify the reason for non-compliance.
An error is output unless the specified password satisfies all the policy conditions set in the password policy definitions.
- Important
-
When a password check based on the password policy definitions is enabled, entering a non-compliant password upon the execution of a command causes the KAVA5908-E message to be output.
You can use commands supported by JP1/Base to register or delete JP1 users or change their passwords. JP1/Base also supports a command that lists the registered JP1 users. For details on the commands, see 15. Commands.
- Organization of this subsection
(1) Registering a JP1 user
To register a JP1 user on the authentication server, execute the following command:
jbsadduser JP1-user-name
For JP1-user-name, use lower-case characters. This command prompts you to enter a password. The password is case-sensitive. The following table lists the limit on the number of characters that can be specified for the JP1 user name and password.
When a password check based on the password policy definitions is enabled, a check is performed to verify if a password set upon the registration of a JP1 user is compliant with the password policy.
Item |
Number of bytes |
Prohibited characters |
---|---|---|
JP1 user name |
1 to 31 bytes |
* / \ " ' ^ [ ] { } ( ) : ; | = , + ? < > spaces and tabs |
Password# |
6 to 32 bytes |
|
(2) Changing a JP1 user's password:
To change the password of a registered JP1 user, execute the following command:
jbschgpasswd JP1-user-name
When a password check based on the password policy definitions is enabled, a check is performed to verify if a password set during the process of changing a JP1 user's password is compliant with the password policy.
(3) Deleting a JP1 user:
To delete a registered JP1 user, execute the following command:
jbsrmuser JP1-user-name
(4) Listing all JP1 users
To list the registered JP1 users, execute the following command:
jbslistuser