Customizing users and groups

Users and groups enable you to control access to your database and your system catalog. If you initialize users and groups when you generate a system catalog, it will already have a default set of users and groups. You can use these as is, or you can modify them. You can also create your own users and groups. When you modify users or groups in DBA, the system catalog is updated automatically. You do not need to regenerate it.

A user’s access level is determined by membership in a group. To create users with varying access levels, create groups, assign access levels to groups, and then assign users to the groups. For information on how group access levels and table access levels work together, see Setting security levels.

Initializing users and groups

DBA and dbcreate have options that enable you to initialize users and groups—that is, return to an initial, default set of users and groups. This default set includes three default users and two default groups (see the table below). You can initialize users and groups as you generate or regenerate a system catalog (see Generating the system catalog and Initializing users and groups with dbcreate). And you can initialize users and groups for an existing system catalog without regenerating it as described below.  

Important

Initializing user and groups removes users and groups you’ve added, removes modifications you’ve made, and restores users and groups to their default settings.

User name

Password

Assigned group

Access level

DBA

MANAGER

SYSTEM

254

DBADMIN

MANAGER

SYSTEM

254

PUBLIC

No password

USER

100

For information on access levels, see Setting security levels.

To use DBA to initialize users and groups without regenerating the system catalog,

1. Open the system catalog in DBA. Close any open lists or input windows in DBA.
2. Select Maintenance > Initialize Users & Groups. The following prompt is displayed:

Do you want to overwrite the existing table?

3. To initialize users and groups, select Yes.

To initialize users and groups from the command line without regenerating the system catalog, do one of the following, where connect_string has the user_name/password/connect_filename format. (For information on DBA command‑line options, see Command line options.)

dbr SODBC_DBA:xfdba.dbr -c connect_string -i
$ XFDBA -C connect_string -I

For example, to initialize users and groups for the sample database in a Windows or UNIX environment, enter

dbr SODBC_DBA:xfdba.dbr -c DBADMIN/MANAGER/sodbc_sa -i

To initialize users and groups for the sample database in OpenVMS, enter

$ XFDBA -C DBADMIN/MANAGER/SODBC_SA -I

These examples assume that your connect file is sodbc_sa, that SODBC_DBA is set to the directory where the DBA program resides, and that the connect file is located in the GENESIS_HOME directory.  

Viewing groups

To view groups, close any open lists and input windows and select Maintenance > Groups. The Group List window displays a list of groups with the following information:

GIDAn automatically assigned group ID number.

NameThe alphanumeric identifier for each group.

UsersThe number of users assigned to each group.

AccessThe access level of each user in the group (numeric, from 0 to 255).

DescriptionA brief description of each group.

Creating a group

You can create up to 999,999 groups, and you can assign a maximum of 255 users to a group.

1. Open the Group List window. (See Viewing groups.)
2. Select Group Maintenance > New Group.
3. Complete the fields in the Group window:

Group ID

An automatically assigned group number. This field is not modifiable.

Group name

Enter an alphanumeric identifier of up to 10 characters.

Access level

Enter a number between 0 and 255 that determines users’ read/write access to data. This level determines the access level of all users in the group. Note that a group must be set to at least 100 for users in that group to access the database.

We recommend that you use levels 254 and 255 for administrative users only. For more information on setting access levels, see Setting security levels.

Num of users

The total number of users assigned to this group. This field is not modifiable.

Description

(optional) Enter an alphanumeric description of up to two lines of 30 characters.

4. Select OK or press F4.

Modifying a group

1. Open the Group List window. (See Viewing groups.)
2. In the Group List window, highlight the group you want to modify.
3. Select Group Maintenance > Modify Group.
4. Make any changes. Then select OK or press F4.

Deleting a group

1. Open the Group List window. (See Viewing groups.)
2. In the Group List window, highlight the group you want to delete. A group that has users cannot be deleted (users must first be deleted or assigned to other groups).
3. Select Group Maintenance > Delete Group. A window is displayed with the selected group’s name and description and the following prompt:

Do you want to delete the current entry?

4. To delete the group, select Yes.

Viewing users in a group

1. Open the Group List window. (See Viewing groups.)
2. Highlight the group in the Group List window.
3. Select Group Maintenance > View Users. The User List window opens. For information on this window, see Viewing all users.

To modify a user, see Modifying a user.

Viewing all users

To view a list of all users, close any open lists or input windows and select Maintenance > Users. The User List window displays the following information for each user:

NameA case‑sensitive alphanumeric identifier.

PasswordA case‑sensitive alphanumeric password. Users are not required to have passwords.

Full nameThe user’s full name.

GIDThe ID of the group the user belongs to.

Adding a user

You can add up to 255 users to a group.

1. Open the User List window. (See Viewing all users above.)
2. Select User Maintenance > New User. The User window is displayed.
3. Enter data in each field as described below.

User name

Enter an alphanumeric identifier for the user you are creating. It can be up to 10 characters long. This field corresponds to the Name column in the User List window and is case sensitive.

Password

(optional) Enter an alphanumeric password. It can be up to 10 characters long. Passwords are case‑sensitive and are visible only to users who can open DBA (users with an access level of 254 or greater). The following characters are not allowed:   ~ @ # $ % ^ & * _ + = \ } { " , : ? / < > ! '

Group ID

Enter the ID of the group you want to assign a user to. A user’s access level is determined by the group it belongs to. To view a list of available groups, select User Maintenance > Select Group.

Full name

(optional) Enter the user’s full name. It can be up to 40 characters long.

Description

(optional) Enter an alphanumeric description of the user. The description can be up to 60 characters long.

Modifying a user

1. Open the User List window. (See Viewing all users above.)
2. Highlight the user in the User List window.
3. Select User Maintenance > Modify User.
4. Make any changes. Then select OK or press F4.

Deleting a user

1. Open the User List window. (See Viewing all users above.)
2. Highlight the user in the User List window.
3. Select User Maintenance > Delete User. A window is displayed with the selected user’s user name and the following prompt:

Do you want to delete the current entry?

4. To delete the user, select Yes.