TCP/IP Information
Copyright © 1997 by International Business Machines Corporation

TCP/IP Configuration Notebook Online Help

Configure User Security Page

Use this page to configure and maintain users' access status for one or more of the following TCP/IP servers on this host: FTPD, TELNETD, and REXECD. The TCP/IP administrator grants users access and updates their access status by:

Information from this page is saved in the TCP/IP Configuration Notebook, and passwords are encrypted before they are stored.

The fields on this page are:

User Name... list box

Contains user names (with optional comments) of users who may be authorized to access one or more servers on this host.

The push buttons on this page are:

Configure FTP Server

File Transfer Protocol is used to read and write data from and to a remote host, in ASCII or binary form, and provides additional functions such as the ability to list directories at a remote host and transfer multiple files at once.

Use this push button to configure a user selected from the User Name... list box. You may grant a user FTP access to this computer, specify the Read/Write directories the user can access, and determine which of the user's FTP activities will be logged. Clicking this push button displays the Configure FTP Access window. Until this window is completed for a selected user, the words "Not Configured" will appear in the FTP Server area on the Configure User Security page. Otherwise, the word "Configured" will appear.

The fields for this window are:

Enable FTP Access for This User
Check this box to give the selected user FTP access to the host. When this box is checked for a selected user, the word "Enabled" will appear in the FTP Server area on the Configure User Security page. Otherwise, the word "Disabled" will appear.

Directory Access for Read

Specify the directories or subdirectories for which you are granting read access to the FTP user. The following are examples of directory access for read:

c:\
Grants read access to all subdirectories and files in the c:\ drive.

c:\docs
Grants read access to only the docs subdirectory in the c:\ drive.

Deny Read Access to Directories Listed

Check this box to deny Read access to the drives and directories listed in Directory Access for Read field.

Attention: Checking this box gives Read access to any drive or directory not explicitly listed in the Directory Access for Read field.

Uncheck this box to grant Read access only to the drives and directories listed in Directory Access for Read field.

Directory Access for Write

Specify the directories or subdirectories for which you are granting write access to the FTP user. The following are examples of directory access for write:

c:\
Grants write access to all subdirectories and files in the c:\ drive.

c:\temp d:\doc
Grants write access to the temp subdirectory in the c:\ drive and the doc subdirectory in the d:\ drive.

Deny Write Access to Directories Listed

Check this box to deny Write access to the drives and directories listed in Directory Access for Write field.

Attention: Checking this box gives Write access to any drive or directory not explicitly listed in the Directory Access for Write field.

Uncheck this box to grant Write access only to the drives and directories listed in Directory Access for Write field.

Timeout (seconds)
Specify how many seconds after user input activity stops that the FTP connection should stay active, before timing out.

dbg
Check this box to record debug information, in addition to any the other FTP commands you check below, in the system log file (default name SYSLOG.MSG). The information will only be logged if this box is checked and SYSLOGD is running.

Log All (except dbg)
Check this box to record all the FTP commands (listed below) in the system log file (default name SYSLOG.MSG). If this box is checked, the FTP commands in the subsequent list will not be selectable. If this box is not checked, you can log any of the subsequent FTP commands individually; in which case, only the checked commands will be logged in the system log file.

The information will only be logged if this box is checked and SYSLOGD is running.

cd FTP Command

Log all occurrences by the user of the FTP cd (change remote working directory) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

dir FTP Command

Log all occurrences by the user of the FTP dir (list contents of remote directory) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

get FTP Command

Log all occurrences by the user of the FTP get (receive one file) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

md FTP Command

Log all occurrences by the user of the FTP md (delete multiple files) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

put FTP Command
Log all occurrences by the user of the FTP put (send one file) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

rd FTP Command
Log all occurrences by the user of the FTP rd (remove remote directory) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

del FTP Command
Log all occurrences by the user of the FTP del (delete remote file) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

ren FTP Command
Log all occurrences by the user of the FTP ren (rename remote file) command to the system log file (default name SYSLOG.MSG). The messages will only be logged if this box is checked and SYSLOGD is running.

Additional push buttons for this window are:

OK
Close the window and save any changes.

Cancel
Close the window and discard any changes.

Help
Get help information for this notebook page.

Configure TELNET Server
The Telnet protocol provides a standard way for terminal devices to access terminal-oriented processes. It provides duplex communication and can send data in ASCII or binary form. Telnet is typically used to establish a session on a remote host but can also be used for terminal-to-terminal and interprocess communication.

Use this push button to configure a user selected from the User Name... list box. You may grant a user Telnet access this computer, specify what program the user can run on the Telnet server (typically the TELNETD.CMD command shell), and specify any shell commands to be passed to the program. Clicking this push button displays the Configure TELNET Access window. Until this window is completed for a selected user, the words "Not Configured" will appear in the TELNET Server area on the Configure User Security page. Otherwise, the word "Configured" will appear.

The fields for this window are:

Enable TELNET Access for This User
Check this box to give the selected user TELNET access to the host. When this box is checked for a selected user, the word "Enabled" will appear in the TELNET Server area on the Configure User Security page. Otherwise, the word "Disabled" will appear.

Program
Specify the command shell that will run on the TELNET server when the connection is established for this user. The default command shell is TELNETD.CMD.

Shell Parameters
Specify any parameters to be passed to the program. There are no limitations to what you can pass to the TELNETD.CMD file; you can specify standard batch file commands or REXX commands.

Disconnect When Shell Exits
End the TELNET client session after the shell program runs on the remote system. The default is to disconnect when the user ends the shell program.

Additional push buttons for this window are:

OK
Close the window and save any changes.

Cancel
Close the window and discard any changes.

Help
Get help information for this notebook page.

Configure REXEC Server
Enable REXEC access for a user selected from the User Name... list box. REXECD provides automatic logon and user authentication, depending on the parameters specified in the REXEC command, or in the NETRC file (see the online TCP/IP Guide for sample content of an NETRC file). Clicking this push button displays the Configure REXEC Access window.

The fields for this window are:

Enable REXEC Access for This User
Check this box to give the selected user access to the REXEC server. When this box is checked for a selected user, the word "Enabled" will appear in the REXEC Server area on the Configure User Security page. Otherwise, the word "Disabled" will appear.

Additional push buttons for this window are:

OK
Close the window and save any changes.

Cancel
Close the window and discard any changes.

Help
Get help information for this notebook page.

Copy User Access
Create a new user account with exactly the same accesses as an existing user account highlighted in the User Name... list box. The new user will receive all FTP, TELNET, and REXEC accesses and privileges that the copied user has.

When you click the Copy User Access push button, the Copy User Access window appears. Use this window to provide a user name for the new account, change the password (the new user will have the same password as the copied user, unless you change it here), and note any comments relevant to the new user.

The fields on this window are:

User Name

Specify the new user name to be added to the list box. The user name may be up to 64 alphanumeric characters, and must be different from the user name of the account you are copying. This field is required.

Comment

Specify a description of up to 256 characters for this entry. This field is optional.

Password

Overtype the asterisks in this field if you want the new user to have a password different from the copied user. The password can be up to 12 characters and is case-sensitive. Changing this field is optional.

Verify Password

If, in the Password field, you changed the password for the new user, re-enter the password here to confirm your new entry was typed correctly. If you modified the Password field, this field is required.

Home DIR

Overtype the information in this field if you want the new user to have a virtual root directory (the directory where the user automatically begins upon logging in) different from the copied user.

Add
Insert an entry into the list box. When you click the Add push button, the User Security Entry window appears. Use this window to supply information about the new user.

The fields on this window are:

User Name

Specify the user name to be added to the list box. The user name may be up to 64 alphanumeric characters. This field is required.

Comment

Specify a description of up to 256 characters for this entry. This field is optional.

Password

Type a unique string of characters that authorizes the user to log on to your computer. The password can be up to 12 characters and is case-sensitive. This field is required.

Verify Password

Re-enter the password from the Password field to confirm your entry was typed correctly. This field is required.

Home DIR

Specify the user's virtual root directory, the directory where the user automatically begins upon logging in.

Additional push buttons for this window are:

OK
Close the window and save any changes.

Cancel
Close the window and discard any changes.

Help
Get help information for this notebook page.

Change
Modify a User Name entry selected from the list box. When you click the Change push button, the User Security Entry window appears.

The fields you can change from this window are:

User Name

Specify the user name to be added to the list box. The user name may be up to 64 alphanumeric characters. This field is required.

Comment

Specify a description of up to 256 characters for this entry. This field is optional.

Password

Specify a unique string of characters that authorizes the user to log on to your computer. The password can be up to 12 characters and is case-sensitive. This field is required.

Verify Password

Re-enter the password from the Password field to confirm your entry was typed correctly. This field is required.

Home DIR

Specify the user's virtual root directory, the directory where the user automatically begins upon logging in.

Additional push buttons for this window are:

OK
Close the window and save any changes.

Cancel
Close the window and discard any changes.

Help
Get help information for this notebook page.

Delete
Erase the list box entry you selected, which will be displayed in a Delete window. You cannot modify the displayed entry; click OK to delete it, or Cancel to close the window without deleting.

Undo
Remove any changes made since you last accessed this page.

OK
Close the TCP/IP Configuration Notebook and save all changes made since opening it.

Cancel
Close the TCP/IP Configuration Notebook and discard any changes made since opening it.

Help
Get help information for this notebook page.

The subtabs on this page are:

User Access
Go to the Configure User Security page.

RSHD
Go to the Configure RSHD Access page.

TFTPD
Go to the Configure TFTPD Access page.

Admin PW
Go to the IBM TCP/IP Administrator Password page.

How Do I?

For a step-by-step description of key tasks you can do from this page, go to:


[ Top of Page | Previous Page | Next Page | Table of Contents ]