HP Sentry User Manual

Section 1 - 8

SENTRY User’s Guide

Fitzgerald & Long

This program will generate a printed report, using whatever printer setup is in effect at the time the
program is run. To modify the printer, destination or form, use the SETPTR command at the TCL prior to
running the program. Alternatively, the SENTRY XEQ function may be used to execute the SETPTR
command.

To execute this program, select 1. Database Creation and Validation Menu from the SENTRY Main
Menu. Next, select 3. Validate the User Profile Database from the Database Creation and Validation
Menu.

Enter “OK” to start the validation or “<ESC>“ to exit: - This is the first of two input prompts in
this program. If you enter “OK”, the program will continue. To exit at either prompt press <ESC> then
enter <RETURN>.

Do you want to print missing password messages?(Y/N) or <ESC> to exit:

Your answer to this prompt controls whether or not the validation program tells you about users who have
no passwords in the SENTRY database. If “Y” is entered the message

FATAL! User “USER.ID” does not have a password in the SENTRY database.

will print on the validation report.

When SENTRY retrieves the data from the passwd file, the password field is loaded into the SENTRY
database. SENTRY cannot read the password or decrypt it! Only passwords created from the User Profile
data entry screen, which are encrypted by SENTRY can be decrypted by SENTRY. Some system
administrators choose to setup and track all user passwords through SENTRY. Others choose to have
users manage their own passwords and not to maintain them in SENTRY. If you are not tracking user
passwords, the “missing password” messages will be of little use to you.

We suggest that you answer “N”o don’t print these messages unless you have created all passwords
through the User Profile data entry screen or through one of SENTRY’s password utilities.

Two types of errors are reported. These are called “FATAL” and “Warning”. “FATAL” errors are those
which we believe could possibly create a serious security issue or those which would lead to an operational
problem. The following is a list of errors which we have labeled as FATAL.

1. “User XXXXX not on the SENTRY.USERS file.” - The user name “XXXXX” was found in the
list of SENTRY users in the SENTRY.CONTROL file, but no record was found for this user in the
SENTRY.USERS file. This indicates an inconsistency in the SENTRY database; we suggest that the User
Profiles be uploaded from UNIX again (selection 1 in the Database Creation and Validation Menu.)

2. “User XXXXX does not have a password in the SENTRY database.” - The user
“XXXXX” has no password in SENTRY. This message will ONLY appear if you answered “Y” to the
prompt, “Do you want to print missing password messages?”. If you are tracking passwords
within SENTRY, this user should be assigned a password.