/sys$common/syshlp/NCLHELP.HLB  —  NCL Introduction, Specifying Access Control
    To set default access control information for a series of NCL
    commands within a single NCL session (usually to be performed on a
    remote system), use the SET NCL DEFAULT ACCESS command.  Refer to
    HELP NCL DEFAULT_CONTEXT for more information on the use of that
    command.

    To provide access control information to be used for the execution
    of a single NCL command, you may use one of the following methods:

    o  Use the by prepositional phrase

       The by prepositional phrase authenticates that an account or
       proxy account for a particular user has been set up with the
       proper access control information. Use of the by preposition
       is portable to other DECnet-Plus systems. Use the following
       format to append access control information using the by
       preposition.

       by user=username, password=password, account=account, -
         proxy={TRUE/FALSE}

       For Tru64 UNIX, NCL ignores any use of the by proxy clause
       so that the modifier "by proxy=true" (i.e., proxy access
       allowed) is always in effect.

       If user j_smith has privileges to access the session control
       application graphics_exchange on the remote node, he can use
       the by preposition as follows:

       ncl> ! On node .admin.finance
       ncl> show node .admin.artists session control application -
       _ncl> graphics_exchange all counters, by user=j_smith, -
       _ncl> password=DoNotUse

    o  Specify an access control string

       The access control string (ACS) consists of a user name and
       password, for an account on the remote system.

       For Tru64 UNIX, enter the ACS as part of the node-name
       specification nodename/usr/password as follows:

       ncl> show node .admin.artists/j_smith/DoNotUse session control -
       _ncl> application graphics_exchange all counters

       You do not need privileges to do a show operation. However,
       to do a set operation, you need to have superuser access
       to the system.

       For OpenVMS:

       NCL> show node .admin.artists"j_smith DoNotUse" session -
       _NCL> control application graphics_exchange all counters

       To do a show operation, you need NET$EXAMINE right on the
       remote OpenVMS system. For read and write access (for example,
       set, disable, enable etc.), you need NET$MANAGE right or
       BYPASS priviledge on the remote system.

    The use of proxy accounts is a more manageable method of
    establishing access control schemes between two systems. See
    the DECnet-Plus Network Management manual for more information
    about controlling remote network access through the use of proxy
    accounts, or refer to HELP NETWORK_MANAGEMENT ACCESS_CONTROL
    PROXIES.

    For Tru64 UNIX, access control does not have any effect when the
    NCL command is directed to the local node. This happens because
    NCL uses interprocess communication instead of DECnet-Plus to
    communicate with node 0, the local node, and therefore the user's
    privileges are determined by the user id that NCL is running under.
Close Help