[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference iosg::all-in-1_v30

Title:*OLD* ALL-IN-1 (tm) Support Conference
Notice:Closed - See Note 4331.l to move to IOSG::ALL-IN-1
Moderator:IOSG::PYE
Created:Thu Jan 30 1992
Last Modified:Tue Jan 23 1996
Last Successful Update:Fri Jun 06 1997
Number of topics:4343
Total number of notes:18308

493.0. "Checking access to drawers" by KERNEL::HOULDINGJ (Jill Houlding - Back in Basingstoke) Wed Apr 15 1992 11:45

    Hi
    
    Apologies if this has been asked and answered before. I am teaching an
    ALL-IN-1 V3.0 course this week and have a question:
    
    When an unprivileged user uses the IAD option to see what drawers are
    available to him ALL-IN-1 searches PARTITION.DAT (seen on Trace) and
    only processes those drawers to which this user has access. How does
    ALL-IN-1 decide which drawers this user has access to? I cannot see any
    field in PARTITION which would give this information. Does this mean
    that ALL-IN-1 goes off an looks at the ACL on ACESS.DAT in each of
    these drawers?
    
    Thanks for any help you can give
    
    Cheers
    
    Jill
T.RTitleUserPersonal
Name		DateLines
493.1/NOOPTIONAL ?UTRTSC::SCHOLLAERTHalf Dutch - Half BelgiumWed Apr 15 1992 12:3632
    Hello Jill,
    
>    Apologies if this has been asked and answered before. I am teaching an
>    ALL-IN-1 V3.0 course this week and have a question:
    
    When do you schedule your TEAMlinks training ? 
    
>    field in PARTITION which would give this information. Does this mean
>    that ALL-IN-1 goes off an looks at the ACL on ACESS.DAT in each of
>    these drawers?
    
    I think this is true. Performance issue ? Perhaps the "User Name"
    should set to NOOPTIONAL for big systems. 
    The ACL lookup is only performed on those users, 
    found in PARTITION. So you can limit the number of lookups. 
    
    Regards,
    
    Jan
    
    
    
    /OPTIONAL 
    
    Thanks for any help you can give
    
    Cheers
    
    Jill
493.2FCS IAD method for access checksCHRLIE::HUSTONWed Apr 15 1992 14:3321
    
    re checking drawer access during IAD
    
    I believe the exact method of an IAD is dependant on several things.
    sometimes teh FCS is used other times it may not be. I can only answer
    for how the FCS does it.
    
    Each drawer has a file called ACCESS.DAT in the drawer directory.
    When an IAD is requested, the FCS decides if the user is a system
    manager (holds the OAFC$SYSMAN id), if so it simply gets the number
    of drawers the user requested, no access check is done.
    
    If the user does not hold the OAFC$SYSMAN id, then access checks are
    done on a drawer by drawer basis. The partition file holds the name of
    the drawer and the directory of the drawer (among other things). The
    directory is used to check the users access to ACCESS.DAT. If the user
    has access to ACCESS.DAT then they have access to the drawer and that
    drawer is returned to them as an available drawer.
    
    --Bob