HP Sentry User Manual

Section 2 - 12

SENTRY User’s Guide

Fitzgerald & Long

configured (through the System Profile screen) to generate alphanumeric passwords, which will contain at
least 1 numeric character.

If the System Profile is set to allow null passwords to be optional, you may <RETURN> past this prompt
leaving it null. We do not recommend null passwords. Every user should have a unique user ID and
passwords should be changed on a regular basis.

5. UID - This field defines the UID number for the user. Because UNIX references users internally by
their number, not their user ID, a UID may not be unique (e.g. root UID = zero). All users with the same
UID have the same privileges. File ownership is defined by the UID not the user name. In our example
screen note that the UID of 0 (zero) for the user ID “peggy” is used for both “peggy” and “root”. These
user IDs appear to the right of the field in parentheses. Cross referencing is available at this prompt. Enter
“@” for a list of all users and their UID’s. Enter “@” followed by part of a user name to cross reference
by name. For example, enter “@long” to see a list of users with the name “Long”. SENTRY will
generate a new UID if the character “N” is entered at this prompt. Generally speaking, it not a good
security practice to have more than one user ID with the same UID. A standard UNIX convention is to
assign all “normal” users UID’s greater than 100. Numbers lower then 100 are customarily assigned to
special system user IDs. A record called NEXT.NUMBER in the SENTRY.CONTROL file is maintained
by SENTRY to provide the next available number. You may edit this record and start it at your preferred
starting number. The largest UID number is defined by the System Profile program and should be set no
higher than your system’s limit.

6. GID - This field defines the GID number for the user. This number specifies the user’s primary group
membership. Although the user may belong to supplementary groups, this field defines the primary group.
The name of this group is translated via the UNIX “group” file and the GID may be used in assigning file
system permissions.

To review a list of groups defined on your system and their GIDs, enter “@” at this prompt. You may
choose a group from this “pick” list. The name of the group will display in parentheses to the right of the
file. If you enter an “N” SENTRY assumes that you wish to create a new group. The next available GID
will be assigned and you will be prompted to provide a Group Name.

At this prompt you may enter “@” for a list of defined groups, “@” followed by part of a group name to
see a cross reference list, an existing GID, a new GID, the name of an existing group (SENTRY will look
up the GID), or an “N” and SENTRY will generate the next available GID. Because some versions of
UNIX limit the number of simultaneous supplementary groups to 8 your group assignments should be
carefully planned so that you have no user who requires membership in more than 9 groups (one primary
and 8 supplemental).

7. Home Directory - The directory to which the user is initially attached at login is commonly called the
“home” directory. Enter the path to this directory here. A cross reference list is available by entering
“@”. This will provide a list of all the paths defined as “home” directories in use by the users on your
system.