DECUS France 19-Juin-1990 SIG VAX/VMS Présentation Programmathèque : N. DIAKONOFF ********************************** * * * S Y S U A F . E X E * * * ********************************** DEC nous propose deux façons d'avoir des informations sur les comptes existants sur un système : 1/ AUTHORIZE LIST/BRIEF (Très succint). 2/ AUTHORIZE LIST/FULL (Trop d'infos). Très souvent, les responsables des machines ont besoin de connaire des renseignements précis sur les comptes sans pour celà aller à la pêche avec AUTHORIZE LIST/FULL. D'où le programme que je vous présente aujourd'hui. SYSUAF est un programme écrit par Brian LOMASKY (TERADYNE/BOSTON). Il se trouve dans la bande VS0106 de la programmathèque de DECUS (C'est une des deux bandes [TK50] du symposium d'ANAHEIM 1989]. SYSUAF est livré avec le source ( 2773 lignes de BASIC, commentaires inclus), nécessite le compilateur BASIC 3.0 ou plus et fonctionne de VMS 4.6 à VMS 5.3-1. Pour le faire fonctionner il faut le privilège READALL et il est déconseillé de l'installer. Les possibilités sont les suivantes : A - Liste des utilisateurs /Username / UIC et répertoire par défaut : SYSUAF OWNER, USERNAME, UIC, DIR Report Owner Username UIC Default Dir ATENA ATENA [00255,000010] [ATENA] DECNET DEFAULT DECNET [00376,000376] [DECNET] DEFAULT [00200,000200] [USER] DEMO1 DEMO1 [00273,000020] [DEMO1] DEMO2 DEMO2 [00273,000021] [DEMO2] DEMO3 DEMO3 [00273,000022] [DEMO3] FIELD-SERVICE FIELD [00001,000010] [SYSMAINT] Compte IMPACT IMPACT [00271,000077] [IMPACT] UTILISATEUR LAMDA LAMDA [00250,000003] [LAMDA] PHONE$SERVER default PHONE$SERVER [00376,000372] [PHONE$SERVER] RDB$REMOTE [00271,000067] [RDB$REMOTE] SYSTEM MANAGER SYSTEM [00001,000004] [SYSMGR] VPM$SERVER default VPM$SERVER [00376,000370] [VPM$SERVER] De plus cette liste est triée aussi par UIC : UIC Owner UIC Owner [00001,000004] SYSTEM [00271,000077] IMPACT [00001,000007] SYSTEST [00273,000020] DEMO1 [00001,000010] FIELD [00273,000021] DEMO2 [00200,000200] DEFAULT [00273,000022] DEMO3 [00250,000003] LAMDA [00376,000367] MIRRO$SERVER [00255,000010] ATENA [00376,000370] VPM$SERVER [00271,000017] TRANSFERT [00376,000371] NML$SERVER [00271,000067] RDB$REMOTE [!P[3 J[100 C[100;76 B[87;54 G[1` SYSUAF USERNAME, FLAGS, ACCOUNT AND PASSWORD CHANGE AND EXPIRATION DATES Report D L C D D D D P D D A D I D O A I I I I G P W I I U I S E C P S S S S E W D A S S T S C F K T A W N M N D E U R R O F T C P I C E E A P E X D E E L O L L W V N L W I W X P I P C O R Account Password Date of Pwd Date of Pwd2 Last Interactive Username Y I D E T C M L D P 2 T O O G C Expiration Lifetime Change Change Login Date ----------------------------------------------------------------------------------------------------------------------------------- a b c d e f g h i j k l m n o p ATENA (none) 90 04/03/90 (none) 04/10/90 DECNET d (none) 90 12/20/89 (none) (none) DEFAULT (none) 90 01/12/84 (none) (none) FIELD (none) 30 04/18/90 (none) (none) MAIL$SERVER d (none) 90 04/19/90 (none) (none) MIRRO$SERVER d (none) 90 04/19/90 (none) (none) NML$SERVER d (none) 90 04/19/90 (none) (none) RDB$REMOTE a b c d h n (none) 90 (pre-expired) (none) (none) SYSTEST_CLIG a b c d e (none) 30 (none) (none) (none) SYSUAF WSDEFAULT, QUOTA, EXTENT Report Username WSDEFAULT WSQUOTA WSEXTENT ENQLM FILLM ASTLM BIOLM DIOLM PRCCNT BYTLM PBYTLM ATENA 512 1024 4096 600 60 24 18 18 2 36000 0 DEFAULT 512 1024 4096 600 60 24 18 18 2 36000 0 DEMO1 200 500 1000 600 60 24 18 18 2 36000 0 FIELD 200 500 1000 600 20 24 18 18 2 36000 0 IMPACT 200 500 1000 600 20 24 18 18 2 36000 0 MAIL$SERVER 200 500 1000 600 20 24 18 18 2 36000 0 MIRRO$SERVER 200 500 1000 600 20 24 18 18 2 36000 0 NML$SERVER 200 500 1000 600 20 24 18 18 2 36000 0 PHONE$SERVER 200 500 1000 600 20 24 18 18 2 36000 0 RDB$REMOTE 200 500 1000 600 50 24 18 18 2 10240 0 SYSTEM 1024 2048 4096 2000 60 80 18 18 30 36000 0 SYSTEST 256 512 2048 300 100 100 18 18 2 32768 0 VPM$SERVER 200 500 1000 600 20 24 18 18 2 36000 0 [!p D - Usernames seulement. Voir plutôt WHO dans VMS: E - Liste des utilisateurs qui se connectent (avec date et UIC). F - Liste des utilisateurs qui ne se connectent jamais. Report of all users who have not logged in within the last 6 months (180 days) Date of Last Date of Last Username Interactive Login Non-Interactive Login DEFAULT (none) (none) FIELD (none) (none) IMPACT 04/11/89 (none) MIRRO$SERVER (none) (none) NML$SERVER (none) (none) RDB$REMOTE (none) 04/11/89 SYSTEST (none) (none) VPM$SERVER (none) (none) [!p [!P[3 J[100 C[100;76 B[87;54 G[1` SYSUAF PRIVILEGE Report A D D S L I O E R E U L A B B C C D A W X G G L N P P P P P P P E C S S S S S T T P V S L U Y M M E G N Q G R R O M E F H R R R R S A U E S S Y Y Y Y M M G O W A P T G P E K T N G U R P P G O T O N Y M M M M W D R T H H S S S S P P R L O C O P C A X R A O R O O N P _ U M P M _ C G J M A A I P A M G L N P J M A P R N O R H S E N C S A T U A R I N B E A I E B N B P L T R R E B C A R N B D R L Username T L I K S C L H E D A P M V O T X R P O B L L X M L Y V E M L K M V L X E O D -------------------------------------------------------------------------------------------------------------- a b c d e f g h i j k l m n o p q r s t u v w x y z 1 2 3 4 5 6 7 8 9 0 + $ % ATOUSLESPRIVS e q 2 0 DECNET q 0 DEFAULT q 0 FIELD PASTOUTPRESQUE e k q r 0 PHONE$SERVER q 0 RDB$REMOTE q 0 SYSTEM a b c d e f g h i j k l m n o p q r s t u v w x y z 1 2 3 4 5 6 7 8 9 0 + $ % SYSTEST f g h i l m o q t u x 2 7 8 0 $ SYSUAF USERNAME, UIC, DEV/DIR, LGICMD, ACCOUNT Report Username UIC Device Directory LGICMD Account ATENA [00255,000010] DNF: [ATENA] LOGIN DNF DECNET [00376,000376] SYS$SPECIFIC: [DECNET] NL: DECNET DEFAULT [00200,000200] SYS$SYSDEVICE: [USER] LOGIN FIELD [00001,000010] SYS$SYSROOT: [SYSMAINT] LOGIN FIELD IMPACT [00271,000077] DT: [IMPACT] LOGIN DT MAIL$SERVER [00376,000374] SYS$SPECIFIC: [MAIL$SERVER] NL: DECNET MIRRO$SERVER [00376,000367] SYS$SPECIFIC: [MIRRO$SERVER] NL: DECNET NML$SERVER [00376,000371] SYS$SPECIFIC: [NML$SERVER] NL: DECNET PHONE$SERVER [00376,000372] SYS$SPECIFIC: [PHONE$SERVER] NL: DECNET RDB$REMOTE [00271,000067] SYS$COMMON: [RDB$REMOTE] SYS$SYSTEM:RDB$REMOTE_LOGIN.COM SYSTEM [00001,000004] SYS$COMMON: [SYSMGR] LOGIN SYSTEM SYSTEST [00001,000007] SYS$SYSROOT: [SYSTEST] LOGIN SYSTEST VPM$SERVER [00376,000370] SYS$SPECIFIC: [VPM$SERVER] NL: DECNET [!p L -Génération de la procédure DCL pour REVOKE/IDENTIFIER : $SAVE_PRIV=F$SETPRV("SYSPRV,BYPASS,CMKRNL") $SAVE_UIC=F$USER() $IF F$EXTRACT(0, 1, SAVE_UIC) .NES. "[" THEN SAVE_UIC = "[''SAVE_UIC']" $ON ERROR THEN GOTO DONE $SET UIC [SYSTEM] $IF F$TRNLNM("SYSUAF") .EQS. "" THEN DEFINE/USER SYSUAF SYS$SYSTEM:SYSUAF.DAT $IF F$TRNLNM("NETUAF") .EQS. "" THEN DEFINE/USER NETUAF SYS$SYSTEM:NETUAF.DAT $IF F$TRNLNM("NETPROXY") .EQS. "" THEN - DEFINE/USER NETPROXY SYS$SYSTEM:NETPROXY.DAT $RUN SYS$SYSTEM:AUTHORIZE REVOKE/IDENTIFIER PROJET JFH REVOKE/IDENTIFIER PROJET JFR $DONE: SET UIC 'SAVE_UIC' $SET PROC/PRIV=('SAVE_PRIV') M -Génération de la procédure DCL pour MODIFY/username : $SAVE_PRIV=F$SETPRV("SYSPRV,BYPASS,CMKRNL") $SAVE_UIC=F$USER() $IF F$EXTRACT(0, 1, SAVE_UIC) .NES. "[" THEN SAVE_UIC = "[''SAVE_UIC']" $ON ERROR THEN GOTO DONE $SET UIC [SYSTEM] $IF F$TRNLNM("SYSUAF") .EQS. "" THEN DEFINE/USER SYSUAF SYS$SYSTEM:SYSUAF.DAT $IF F$TRNLNM("NETUAF") .EQS. "" THEN DEFINE/USER NETUAF SYS$SYSTEM:NETUAF.DAT $IF F$TRNLNM("NETPROXY") .EQS. "" THEN - DEFINE/USER NETPROXY SYS$SYSTEM:NETPROXY.DAT $RUN SYS$SYSTEM:AUTHORIZE MODIFY ATENA/ MODIFY DECNET/ MODIFY DEFAULT/ MODIFY DISTRIBUTION/ MODIFY FIELD/ MODIFY VPM$SERVER/ $DONE: SET UIC 'SAVE_UIC' $SET PROC/PRIV=('SAVE_PRIV') Il existe plusieurs options de génération de fichiers DCL : L : REVOKE/IDENTIFIER M : MODIFY username/ N : MODIFY username/LGICMD=file_spec O : MODIFY username/DEVICE=device/DIRECTORY=directory/PWDMIN=n $SAVE_PRIV=F$SETPRV("SYSPRV,BYPASS,CMKRNL") $SAVE_UIC=F$USER() $IF F$EXTRACT(0, 1, SAVE_UIC) .NES. "[" THEN SAVE_UIC = "[''SAVE_UIC']" $ON ERROR THEN GOTO DONE $SET UIC [SYSTEM] $IF F$TRNLNM("SYSUAF") .EQS. "" THEN DEFINE/USER SYSUAF SYS$SYSTEM:SYSUAF.DAT $IF F$TRNLNM("NETUAF") .EQS. "" THEN DEFINE/USER NETUAF SYS$SYSTEM:NETUAF.DAT $IF F$TRNLNM("NETPROXY") .EQS. "" THEN - DEFINE/USER NETPROXY SYS$SYSTEM:NETPROXY.DAT $RUN SYS$SYSTEM:AUTHORIZE MODIFY ATENA/DEVICE=DNF:/DIRECTORY=[ATENA]/PWDMINIMUM=6 MODIFY DECNET/DEVICE=SYS$SPECIFIC:/DIRECTORY=[DECNET]/PWDMINIMUM=6 MODIFY DEFAULT/DEVICE=SYS$SYSDEVICE:/DIRECTORY=[USER]/PWDMINIMUM=6 MODIFY DISTRIBUTION/DEVICE=DIA:/DIRECTORY=[DISTRI]/PWDMINIMUM=6 MODIFY FIELD/DEVICE=SYS$SYSROOT:/DIRECTORY=[SYSMAINT]/PWDMINIMUM=8 MODIFY MAIL$SERVER/DEVICE=SYS$SPECIFIC:/DIRECTORY=[MAIL$SERVER]/PWDMINIMUM=6 MODIFY MIRRO$SERVER/DEVICE=SYS$SPECIFIC:/DIRECTORY=[MIRRO$SERVER]/PWDMINIMUM=6 MODIFY PHONE$SERVER/DEVICE=SYS$SPECIFIC:/DIRECTORY=[PHONE$SERVER]/PWDMINIMUM=6 MODIFY RDB$REMOTE/DEVICE=SYS$COMMON:/DIRECTORY=[RDB$REMOTE]/PWDMINIMUM=6 MODIFY SYSTEM/DEVICE=SYS$COMMON:/DIRECTORY=[SYSMGR]/PWDMINIMUM=8 MODIFY SYSTEST/DEVICE=SYS$SYSROOT:/DIRECTORY=[SYSTEST]/PWDMINIMUM=8 MODIFY VPM$SERVER/DEVICE=SYS$SPECIFIC:/DIRECTORY=[VPM$SERVER]/PWDMINIMUM=6 $DONE: SET UIC 'SAVE_UIC' $SET PROC/PRIV=('SAVE_PRIV') P : MODIFY username/WSDEFAULT=value/WSQUOTA=value/WSEXTENT=value /ENQLM=value/FILLM=value Q : DISKQUOTA AA [uic]/PERM=999999/OVER=500 V : MODIFY username/PGFLQUO=quota/BYTLM=quota [!P[3 J[100 C[100;76 B[87;54 G[1` S : De la chasse aux privilèges ... SYSUAF PRIVILEGE Report of all users having other than GROUP/MOUNT/NETMBX/TMPMBX privileges (or priv'ed UIC) that are not DISUSERed A D D S L I O E R E U L A B B C C D A W X G G L N P P P P P P P E C S S S S S T T P V S L U Y M M E G N Q G R R O M E F H R R R R S A U E S S Y Y Y Y M M G O W P A P T G P E K T N G U R P P G O T O N Y M M M M W D R T H H S S S S P P R L O r C O P C A X R A O R O O N P _ U M P M _ C G J M A A I P A M G L N P J M A P R o N O R H S E N C S A T U A R I N B E A I E B N B P L T R R E B C A R N B D R L Privileged x Username T L I K S C L H E D A P M V O T X R P O B L L X M L Y V E M L K M V L X E O D UIC y ------------------------------------------------------------------------------------------------------------------------------------ a b c d e f g h i j k l m n o p q r s t u v w x y z 1 2 3 4 5 6 7 8 9 0 + $ % AA e q 2 0 * BBBBBBBBBBBB e k o q r z 7 0 $ CC q r 0 $ DD q r 0 $ EE q r 0 $ FF e q 0 * GGG q r 0 $ HHH e q 2 0 * SYSTEM a b c d e f g h i j k l m n o p q r s t u v w x y z 1 2 3 4 5 6 7 8 9 0 + $ % [00001,000004] * SYSTEST f g h i l m o q t u x 2 7 8 0 $ [00001,000007] [!p U : Report of all users who have logged in within the last 6 months (180 days) Date of Last Date of Last Username Interactive Login Non-Interactive Login ATENA 04/10/90 05/16/90 DECNET (none) 06/15/90 MAIL$SERVER (none) 06/15/90 PHONE$SERVER (none) 05/31/90 SYSTEM 06/18/90 06/15/90 TRANSFERT 06/18/90 05/21/90 W : Procédure DCL pour la duplication d'utilisateurs sur un autre noeud du réseau. Il existe (Option X) aussi la possibilité de copier les mots de passe encryptés d'un noeud vers un autre. $SAVE_PRIV=F$SETPRV("SYSPRV,BYPASS,CMKRNL") $SAVE_UIC=F$USER() $IF F$EXTRACT(0, 1, SAVE_UIC) .NES. "[" THEN SAVE_UIC = "[''SAVE_UIC']" $ON ERROR THEN GOTO DONE $SET UIC [SYSTEM] $IF F$TRNLNM("SYSUAF") .EQS. "" THEN DEFINE/USER SYSUAF SYS$SYSTEM:SYSUAF.DAT $IF F$TRNLNM("NETUAF") .EQS. "" THEN DEFINE/USER NETUAF SYS$SYSTEM:NETUAF.DAT $IF F$TRNLNM("NETPROXY") .EQS. "" THEN - DEFINE/USER NETPROXY SYS$SYSTEM:NETPROXY.DAT $RUN SYS$SYSTEM:AUTHORIZE ADD ATENA/UIC=[255,10]/OWNER="ATENA" MODIFY ATENA/DEVICE=DNF:/DIRECTORY=[ATENA]/PWDMINIMUM=6 MODIFY ATENA/LGICMD=LOGIN MODIFY ATENA/WSDEFAULT=512/WSQUOTA=1024/WSEXTENT=4096/ENQLM=600/FILLM=60 MODIFY ATENA/PGFLQUOTA=10000/BYTLM=36000/ASTLM=24/BIOLM=18/DIOLM=18 MODIFY ATENA/PRCLM=2/TQELM=10/PBYTLM=0 MODIFY ATENA/DEFPRIV=(NETMBX,TMPMBX) MODIFY ATENA/PRIV=(NETMBX,TMPMBX) MODIFY TRANSFERT/DEVICE=GEN:/DIRECTORY=[TRANSFERT]/PWDMINIMUM=6 MODIFY TRANSFERT/LGICMD=LOGIN MODIFY TRANSFERT/WSDEFAULT=200/WSQUOTA=500/WSEXTENT=1000/ENQLM=600/FILLM=20 MODIFY TRANSFERT/PGFLQUOTA=10000/BYTLM=36000/ASTLM=24/BIOLM=18/DIOLM=18 MODIFY TRANSFERT/PRCLM=2/TQELM=10/PBYTLM=0 MODIFY TRANSFERT/DEFPRIV=(NETMBX,OPER,TMPMBX,VOLPRO) MODIFY TRANSFERT/PRIV=(NETMBX,OPER,TMPMBX,VOLPRO) $DONE: SET UIC 'SAVE_UIC' $SET PROC/PRIV=('SAVE_PRIV') AAAREADME.1ST 10/31/89 Brian Lomasky c/o TERADYNE, INC. 321 Harrison Ave., Mail Stop H87. Boston, MA 02118 (617) 482-2706, x3259 DEC's AUTHORIZE utility has two reporting options for the SYSUAF.DAT file: 1) Too little (AUTHORIZE LIST/BRIEF) 2) Too much (AUTHORIZE LIST/FULL) This is almost useless for meeting the system manager's requirements of maintaining and monitoring the SYSUAF and its users. -------------------------------------------------------------------------------- SYSUAF V3.02 is a reporting program for the SYSUAF and RIGHTSLIST data files. Simply turn on READALL (or equiv) privilege and run SYSUAF.EXE. (Do NOT install this program with privilege; otherwise, any user could execute it). A menu of 18 reporting options (listed below) will be displayed. The best way to see what is available is to try them and see what data is displayed. Then use the ones that suit your purpose. You can print reports either to the screen (formatted for 80 columns) or to a data file (SYSUAF.LIS; formatted for either 80 or 132 columns, depending on which report option is selected). (Note that some of the options create SYSUAF.LIS as a DCL command procedure which can then be easily edited and then executed). SYSUAF.EXE will try to open SYS$SYSTEM:SYSUAF.EXE and SYS$SYSTEM:NETUAF.EXE (or SYS$SYSTEM:NETPROXY.DAT), unless the logical name of SYSUAF and/or NETUAF (or NETPROXY) is defined, in which case the SYSUAF.EXE program will try to open the SYSUAF and/or NETUAF (or NETPROXY) files pointed to by the logical name(s), respectively. SYSUAF.BAS is the source code for the main program (written in VAX BASIC V3). SYSUAF.EXE is the executable file for the main program. TRANSFER_PWD_TO_NODE.BAS is the source code for the password-copying program which is executed by the command file created by the SYSUAF.EXE report option "X" (written in VAX BASIC V3). TRANSFER_PWD_TO_NODE.COM is a command file to compile and link the executable from the source code. It will also copy the executable to a directory called TOOLS: TRANSFER_PWD_TO_NODE.EXE is the executable file for the password-copying program You should not need to recompile or relink either of the executables unless you need to change the features of the program. (Instructions for compiling and linking SYSUAF are contained at the beginning of the source code). These programs have been tested on VMS V4.6, V4.7 and V5.1-02. Special note on report option "W": Report option "W" is used to copy all SYSUAF.DAT data (except for any encrypted password data - which is handled by the "X" option) for selected users (based upon the responses to the other SYSUAF prompts) from one node's SYSUAF.DAT to another node's SYSUAF.DAT. It does this by creating a command file, which when executed, will copy the account data. You will be prompted as to whether you want to copy only usernames which do not have a matching username (as yet) on the remote node or whether to copy data for all selected usernames (based upon the responses to the other SYSUAF prompts). Normally, you would run this option and then run option "X" to create the two SYSUAF.LIS command files which will then be subsequently executed, as follows: 1) Copy the SYSUAF.LIS command file produced by the report option "W" to the remote node and execute it on the remote node to add the required new accounts (less passwords). 2) Then execute the command file produced by the report option "X" on the local node to copy the encrypted password information from the local node's accounts to the accounts on the remote node. The command file will prompt you for the name of the remote node to be updated. Besides the usual SYSPRV (or equiv) privilege that is required to run this utility on the local node, you will also need a proxy from the local node to a similarly-privileged account on the remote node in order for the program to open both nodes' SYSUAF.DAT files for the transfer operation. Special note on report option "X": Report option "X" is used to copy the encrypted password information from one node's SYSUAF.DAT to another node's SYSUAF.DAT. It does this by creating a command file, which when executed, will copy the data. You will be prompted as to whether you want to copy only passwords whose usernames do not have matching usernames (as yet) on the remote node or whether to copy passwords for all selected accounts (based upon the responses to the other SYSUAF prompts). Note that the command file created by this option will attempt to execute a utility called TRANSFER_PWD_TO_NODE.EXE which is located in a logically-named directory called TOOLS: (You must define the TOOLS: logical name and ensure that the executable resides in that directory, prior to executing the command file). This report option does not affect the local node's SYSUAF.DAT file in any way; Only the remote node's encrypted password data in its SYSUAF.DAT file is updated. -------------------------------------------------------------------------------- The user is prompted for the following information: The first prompt allows you to specify the type of report to be created. The second prompt allows you to specify whether output should be sent to the screen or to a disk file (SYSUAF.LIS). The default response is indicated within the angle brackets (< >). This option does not appear if the selected report type indicates that a file is to be created. The third prompt allows you to limit the report only to the users who hold a specific rightslist identifier, if you so desire. The fourth prompt allows you to limit the report only to the users who have a specific (octal) group UIC number, if you so desire. The fifth prompt allows you to limit the report to only CAPTIVE, NON-CAPTIVE, or all users, if you so desire. If you select report option "W" or "X" (see below), you will also be prompted as follows: Do you want to skip users who have existing accounts on another node? (Enter Y or N) (If you respond with a "Y" to this prompt, you will be further prompted to enter a node name to be compared against; all usernames on the local node who also have an account on the remote node will be omitted from the update process.) -------------------------------------------------------------------------------- << List of SYSUAF Report Options: >> SYSUAF REPORT PROGRAM V3.02 --- Report Type: (Except for options B and T, all DIS-USER'ed accounts will be omitted) A) Owner, Username, UIC (including sort by UIC) (incl Default Dir if to a file) B) Username, Flags (incl sort by UIC) (incl Acct Expire + PW Dates if to a file) C) Wsdefault, Wsextent, and Wsquota (incl ENQLM, FILLM, ASTLM, BIOLM, DIOLM, BYTLM, PBYTLM if to a file) D) Usernames only (No report headings are printed) E) Usernames, dates, and UICs who have ever logged in (No report headings) F) Usernames who have never logged in (No report headings are printed) G) Usernames and dates who have not logged in within the past 6 months H) Privileges (Default AND Authorized) (132-columns) I) Fill Bytes Report (to a file) J) Username, UIC, Default Dev/Dir, LGICMD (ACCT if file) (incl sort by UIC) K) Same as J) but also lists all identifiers held by each user (sorts by IDENT) L) Creates AUTHORIZE command file of: REVOKE/IDENTIFIER identifier(s) username M) AUTHORIZE "MODIFY username/" command file of all usernames N) AUTHORIZE "MODIFY username/LGICMD=file-spec" command file of all usernames O) AUTHORIZE "MODIFY username/DEVICE/DIRECTORY/PWDMIN" cmd file of all users P) AUTHORIZE "MODIFY username/WSDEFAULT=value/WSQUOTA=value/WSEXTENT=value /ENQLM=value/FILLM=value" command file of all usernames Q) DISKQUOTA "ADD [uic]/PERM=999999/OVER=500" cmd file for all users for DUA0: R) Report of all accounts having any user-data S) Highly-privileged users, privileges, UICs, and privileged proxies T) Usernames who have been DISUSER'ed (No report headings are printed) U) Usernames and dates who have logged in within the past 6 months V) AUTHORIZE "MODIFY username/PGFLQUO=quota/BYTLM=quota" command file W) AUTHORIZE command file to dupl a user's account + identifiers (less Password) X) AUTHORIZE command file to dupl a user's encrypted password info on a node: Send Report to: S)creen or F)ile Enter any held IDENTIFIER substring to search for OR just press the key for all held IDENTIFIERs Enter Octal UIC Group to search for ( for all UICs) Select only C)aptive users, N)on-Captive users, or for all users DUMP_VMSMAIL_PROFILE.EXE is a reporting program which will display the contents of the SYS$SYSTEM:VMSMAIL_PROFILE.DATA file. DUMP_VMSMAIL_PROFILE.BAS is the source code (written in VAX BASIC V3).