|
|
|
Whenever an application connects to a FairCom Server, it must identify itself to the FairCom Server. The identifying code is called the User ID. To gain access to the FairCom Server, the User ID seeking access to the FairCom Server must be one already authorized as a valid User ID. A password for the User ID may also be required to access the FairCom Server.
If one attempts to log on to a FairCom Server with an invalid User ID (i.e., one not issued by the Administrator or created by changing an existing User ID), the FairCom Server will deny the request and send a message to that effect (i.e., error message 450). An attempt to log on with a valid User ID but an invalid user password will also be denied, with a message stating the reason (i.e., error message 451).
When an application, i.e., a user running a given application, logs on to the FairCom Server, a task user is created to identify the session with the User ID. This is relevant when monitoring or disconnecting clients from the FairCom Server.
The FairCom Server recognizes four kinds of users:
Administrator
The ADMIN account is built into the FairCom server. It cannot be removed or altered. It is the all-powerful, database administrator account (DBA) or “super user”. It is the only built-in account. The name, ADMIN, cannot be changed. Its default password is ADMIN, which is uppercase. You should immediately change this password using the ctpass utility.
Passwords
FairCom strongly recommends assigning strong passwords to each User ID — especially the ADMIN account.
Passwords can be up to 63 characters. Characters can be letters, numbers, or punctuation marks. Passwords are case-sensitive (i.e., upper case and lower case characters are treated as different). It is possible, but not recommended, for any account to have a blank password. Additional configurations can enforce minimum password lengths, required character classes and number of days before expiration.
Unique User ID
A user or an application must provide a User ID and password to log into a FairCom Server. This ensures only authenticated and authorized accounts can access the server.
Only an administrator can create new User IDs and passwords for other users. An administrator may also assign other User IDs to the ADMIN group to provide them with full administrator capabilities (other than the ability to delete, disable, or alter the ADMIN account).
User IDs can be up to 31 characters long. Characters can be letters, numbers, or punctuation marks. User IDs are not case-sensitive (i.e., upper and lower case characters are treated as the same).
Guest Users
The following practice is not recommended. The server can be configured to allow connection with an empty User ID and an empty password. When the User ID is empty, the server assigns the name, GUEST to the User ID. This is called a guest login.
To allow guest logons, add the following line to the ctsrvr.cfg configuration file: GUEST_LOGON YES.
Note: Users, including ADMIN, can use the ctpass utility (see User’s Control of Security Options) to change their own password. Members of the ADMIN group can use the FairCom DB Server Administrator Utility, described below, to change the password for a User ID that is not a member of the ADMIN group; only the super ADMIN account (named ADMIN) can change a password for an account that is a member of the ADMIN group.
