- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Protection settings
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:02 AM
тАО08-04-2006 12:02 AM
What is the command?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:14 AM
тАО08-04-2006 12:14 AM
SolutionIt is unlikely that you need to set the protections on the drives.
What is more likely is that the one or more directories are protected in such a way as to prevent write access from the account that you are using.
As I mentioned in your other posting, what does the output of DIRECTORY/SECURITY say on the directories?
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:17 AM
тАО08-04-2006 12:17 AM
Re: Protection settings
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:34 AM
тАО08-04-2006 12:34 AM
Re: Protection settings
We need all directories on all three servers to be able to accept copies from TSTSTG. An example of some failures are shown bellow.
Jim
TSTSTG-1 >copy CLAIMS_ANALYSIS.EXE team07::$1$DUA4:[EXE]* /prot=w:rewd %COPY-E-OPENOUT, error opening TEAM07::$1$DUA4:[EXE]CLAIMS_ANALYSIS.EXE;81 as ou tput -RMS-E-CRE, ACP file create failed -SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED, DUA25:[X53.SYSTEST.EXE]CLAIMS_ANALYSIS.EXE;81 not copied
TSTSTG-1 >copy CLAIMS_ANALYSIS.EXE team08::prod_exe /prot=w:rewd %COPY-E-OPENOUT, error opening TEAM08::[]PROD_EXE.EXE; as output -RMS-E-CRE, ACP file create failed -SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED, DUA25:[X53.SYSTEST.EXE]CLAIMS_ANALYSIS.EXE;81 not copied
TSTSTG-1 >copy ready_byrd.com team08::USRDSK1:[BLS]* %COPY-E-OPENOUT, error opening TEAM08::USRDSK1:[BLS]READY_BYRD.COM;29 as output -RMS-E-CRE, ACP file create failed -SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED, USERS$DISK:[X53BYRD]READY_BYRD.COM;29 not copied
TSTSTG-1 >copy ready_byrd.com team08::prod_dcl:* /prot=w:rewd %COPY-E-OPENOUT, error opening TEAM08::PROD_DCL:[]READY_BYRD.COM;29 as output -RMS-E-CRE, ACP file create failed -SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED, USERS$DISK:[X53BYRD]READY_BYRD.COM;29 not copied
TSTSTG-1 >copy ready_byrd.com team08::prod_dcl:* %COPY-E-OPENOUT, error opening TEAM08::PROD_DCL:[]READY_BYRD.COM;29 as output -RMS-E-CRE, ACP file create failed -SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED, USERS$DISK:[X53BYRD]READY_BYRD.COM;29 not copied
TSTSTG-1 >copy ready_byrd.com team08::prod_dcl:*
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:47 AM
тАО08-04-2006 12:47 AM
Re: Protection settings
Use AUTHORIZE to review the proxy accounts:
UAF> show/proxy *
If they do not exist, you can add them e.g.:
UAF> add/proxy *::TSTSTG TSTSTG/default
would allow a TSTSTG user on any other node (the *) to log into this node as user TSTSTG
If no proxies have ever been defined, you will need to create the proxy database (only once per node):
UAF> create/proxy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:49 AM
тАО08-04-2006 12:49 AM
Re: Protection settings
You could use OPCOM to find the directories with the 'wrong' protection
If not already done:
SET AUDIT/ENABLE=FILE=FAIL/ALARM
or/and
SET AUDIT/ENABLE=FILE=FAIL/AUDIT
Then do a
REPLY/ENABLE
and let the user try.
You will then see OPCOM Messages or you can find this messages also in SYS$MANAGER:OPERATOR.LOG
such a Message looks similar like this one
%%%%%%%%%%% OPCOM 4-AUG-2006 14:38:28.20 %%%%%%%%%%%
Message from user AUDIT$SERVER on OBELIX
Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Auditable event: Object access
Event information: file access request (IO$_ACCESS or IO$_CREATE)
Event time: 4-AUG-2006 14:38:28.20
PID: 202091A6
Process name: GENI
Username: GENI
Process owner: [GENI]
Terminal name: FTA727:
Image name: DSA0:[SYS0.SYSCOMMON.][SYSEXE]TYPE.EXE
Object class name: FILE
Object owner: [1,1]
Object protection: SYSTEM:RWED, OWNER:RWED, GROUP:RE, WORLD:
File name: _DSA0:[VMS$COMMON.SYS$STARTUP]SYSTARTUP_VMS.DAT;52
File ID: (11753,2855,0)
Access requested: READ
Posix UID: -2
Posix GID: -2 (%XFFFFFFFE)
Sequence key: 2B408B73
Status: %SYSTEM-F-NOPRIV, insufficient privilege or object protection violation
I enabled Opcom (REPL/ENABLE) removed my privileges (SET PROC/PRIV=NOALL) and did a TYPE of a file with a protection, which does not allowed me to type the file (SYS$STARTUP:SYSTARTUP_VMS.DAT).
In the Opcom message you can find all the required informations to solve your problem. This works same for direcory files.
Hope that helps
Regards
Heinz
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:50 AM
тАО08-04-2006 12:50 AM
Re: Protection settings
$ SET DEF SYS$SYSTEM
$ MCR AUTHORIZE SHOW/PROX TESTG::*
which username on team08 does the proxy refer to ? Is it ok?
You may find that enabling opcom messages on team08 before attempting the file copy will give useful infomation.
$ REPLY/ENABLE
Purely Personal Opinion
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 12:56 AM
тАО08-04-2006 12:56 AM
Re: Protection settings
TEAM08> set def sys$system:
TEAM08> mcr authorize show/prox tststg::*
%SECSRV-E-NOSUCHPROXY, no proxy record matches your specification
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 01:07 AM
тАО08-04-2006 01:07 AM
Re: Protection settings
TSTSTG-1 >copy CLAIMS_ANALYSIS.EXE team08::prod_exe /prot=w:rewd %COPY-E-OPENOUT, error opening TEAM08::[]PROD_EXE.EXE; as output -RMS-E-CRE, ACP file create failed -SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED, DUA25:[X53.SYSTEST.EXE]CLAIMS_ANALYSIS.EXE;81 not copied
With destination + *...
TSTSTG-1 >copy CLAIMS_ANALYSIS.EXE team08::prod_exe:* /prot=w:rewd %COPY-E-OPENOUT, error opening TEAM08::PROD_EXE:[]CLAIMS_ANALYSIS.EXE;81 as outp ut -RMS-E-CRE, ACP file create failed -SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED, DUA25:[X53.SYSTEST.EXE]CLAIMS_ANALYSIS.EXE;81 not copied
How do I look at the operator log, I enabled it and I see nothing?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-04-2006 01:12 AM
тАО08-04-2006 01:12 AM
Re: Protection settings
On TEAM08 and TEAM09:
$ set def sys$system
$ mc authorize
UAF> create/proxy ! just in case
UAF> add TSTSTG::
UAF>exit
$
The usernames on TEAM08/09, must have access to the directories you are copying to -- you may have to create them!