Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

User restriction

iman_1
Advisor

User restriction

Hia,

Is there a way I can allow one user to just login into his home directory and nowhere else so that he can just ftp his files from there ?

Ciao,
5 REPLIES
Karl Rohwedder
Honored Contributor

Re: User restriction

You may try with protections to prevent the user from accessing other directories, but that may become hard to manage.
Why don't you just give the user NETWORK access (MC AUTHORIZE MOD user/NOACCESS/NETWORK) and let him ftp his files from remote?

regards Kalle
Steven Schweda
Honored Contributor

Re: User restriction

First, you log into a system, not into a
directory.

There are many ways to restrict a user's
activity, such as a captive account, but it
would probably help to know exactly what
needs to be done by the user (like, transfer
files from xxx to yyy), rather than your idea
of how to implement the solution ("ftp his
files from there").
Thomas Ritter
Respected Contributor

Re: User restriction

iman, this may not be too useful in the short term, but our systems have been configured for no FTP access anywhere. All FTP type work has to be performed through a middle man box. We have a pair of DS10 running VMS. Internally we use DECNET to copy files to the DS10. Externally only FTP accesss is allowed. It was quite cheap to setup. Our approach almost ensures not leakage of files from Production and the FTP drop box is very well audited and restricted.
Andy Bustamante
Honored Contributor

Re: User restriction


We use an off lease Alphaserver-800 as an FTP server. Users are restricted to network access on logical device(s). We get the security of OpenVMS in a low cost system.

Andy
If you don't have time to do it right, when will you have time to do it over? Reach me at first_name + "." + last_name at sysmanager net
Chinraj Rajasekaran
Frequent Advisor

Re: User restriction

Hi,

For the ftp users just grant "NETWORK" access and disable all other BATCH/LOCAL/DIALUP/REMOTE accesses.



regards
Raj