LOGINCP or LOGONCP command: Difference between revisions

From m204wiki
Jump to navigation Jump to search
(Clarification on the use of commas in passwords.)
Line 67: Line 67:
A password can be 1 to 127 characters long. Versions 7.7 and later support long passwords, or passphrases, which are at least 9 characters long and up to 127 characters.  
A password can be 1 to 127 characters long. Versions 7.7 and later support long passwords, or passphrases, which are at least 9 characters long and up to 127 characters.  
<ul>
<ul>
<li>CCASTAT passwords: Regular passwords (up to 8 characters) and long passwords maintained in CCASTAT with the <var>[[LOGCTL command: Modifying file entries in the password table|LOGCTL]]</var> command can contain any character except a comma - comma is the delimiter between arguments to the LOGCTL command.  However, commas are allowed in passwords changed with the LOGONCP command or with the <var>[[$Sir_Login]]</var> function.</li>
<li>CCASTAT passwords: Regular passwords (up to 8 characters) and long passwords maintained in CCASTAT with the <var>[[LOGCTL command: Modifying file entries in the password table|LOGCTL]]</var> command can contain any character except a comma &mdash; comma is the delimiter between arguments to the LOGCTL command.  However, commas are allowed in passwords changed with the LOGONCP command or with the <var>[[$Sir_Login]]</var> function.</li>
<li>External Security Manager (ESM) passwords: Regular passwords (up to 8 characters) and passphrases maintained by an ESM can contain some special characters, depending on the settings for that ESM. Check with your ESM administrator to determine which characters are allowed. Passwords and passphrases are passed, unaltered and with no restrictions, from Model 204 to the ESM for verification. </li>
<li>External Security Manager (ESM) passwords: Regular passwords (up to 8 characters) and passphrases maintained by an ESM can contain some special characters, depending on the settings for that ESM. Check with your ESM administrator to determine which characters are allowed. Passwords and passphrases are passed, unaltered and with no restrictions, from Model 204 to the ESM for verification. </li>
</ul>
</ul>

Revision as of 17:33, 13 September 2017

Summary

Privileges
Any user with UPRIV X'10' privileges
Function
Logs in to the Model 204 system and changes the user password

Syntax

{LOGINCP | LOGONCP} userid [account]

Where:

userid A character string that identifies the user who is logging in to Model 204. The user ID can be 1 to 10 characters in length.

When an external security interface is performing login validation, the maximum length for the user ID might differ.

account A character string that identifies the account under which the user is logging in to Model 204. The account can be 1 to 10 characters in length. Under an external security interface, the maximum for account might differ.

The account identifies the user account to Model 204's accounting routines. The value of account in these routines might be affected by the use of an external security interface. Refer to the Security interfaces category for a detailed discussion of security interfaces.

If an account is not provided, the string NO ACCOUNT is used as the account.

Example

In this example, a user logs in to Model 204 and is prompted and re-prompted for the new password:

LOGONCP USER1 M204.0347: Password M204.0353: USER1 USER1 login 16 JUL 29 12.38 M204.2633: Enter new password M204.2633: Re-enter new password M204.0350: New password accepted M204.0345: CCASTAT updated

Pressing Enter at the M204.2633: prompt will leave the user logged in without changing the password.

LOGINCP is a synonym for LOGONCP.

Usage notes

LOGINCP and LOGONCP are available as of Model 204 version 7.7.

Because colons are valid password characters as of version 7.7, LOGINCP or LOGONCP replaces the former technique for changing passwords using LOGIN or LOGON and specifying oldpassword:newpassword.

To change a login password in version 7.6 or earlier, see LOGIN or LOGON command.

The LOGINCP and LOGONCP commands allow the user to gain access to Model 204 at most installations. The system manager controls whether or not the login procedure is required at an installation. If the login procedure is not required, the user is assigned a default set of privileges.

Once a user has connected to Model 204, and if the system manager has set the Model 204 option to require logins, any commands entered by the user (other than LOGIN or LOGON, LOGINCP or LOGONCP) display a request for the user to log in.

Failing to log in correctly

If either the user ID or the password is incorrect, Model 204 displays a message that the login failed. In that case, the user reissues the LOGINCP command.

  • Model 204 provides login delays for threads that repeatedly fail to log in correctly. Refer to the discussion of this feature in Login delays.
  • A password must follow restrictions as described in "Setting a password" below.
  • IFSTRT and IFDIAL threads can change the password as described above. When the password security feature is installed, the more restrictive password rules apply, except that IFSTRT threads do not require the user to reenter the new password.

Password requirements

Because this command is available as of Model 204 version 7.7, the version 7.7 password rules apply:

A password can be 1 to 127 characters long. Versions 7.7 and later support long passwords, or passphrases, which are at least 9 characters long and up to 127 characters.

  • CCASTAT passwords: Regular passwords (up to 8 characters) and long passwords maintained in CCASTAT with the LOGCTL command can contain any character except a comma — comma is the delimiter between arguments to the LOGCTL command. However, commas are allowed in passwords changed with the LOGONCP command or with the $Sir_Login function.
  • External Security Manager (ESM) passwords: Regular passwords (up to 8 characters) and passphrases maintained by an ESM can contain some special characters, depending on the settings for that ESM. Check with your ESM administrator to determine which characters are allowed. Passwords and passphrases are passed, unaltered and with no restrictions, from Model 204 to the ESM for verification.

With the Password Expiration feature installed, the following additional rules apply.
The password must:

  • Not be the same as the USERID, the current password, or the previous password.
  • Be six, seven, or eight characters long.
  • Begin with an alphabetic character.
  • Include at least one numeric character.

After login

After logging in and changing the login password, the user has access to most of the Model 204 system commands. The user ID under which the user logs in determines which privileges are available. These privileges can include the ability to:

  • Change file passwords
  • Use restricted commands such as CREATE FILE and MONITOR
  • Reset restricted parameters with the RESET command

For information on the login process for an external security interface, see the Model 204 security interfaces.