HP OpenVMS System Services Reference Manual

Because this quota is a longword decimal number, the buffer length field in the item descriptor should specify 4 (bytes).

UAI$_LASTLOGIN_I

Sets, as a quadword absolute time value, the date of the last interactive login.

UAI$_LASTLOGIN_N

Sets, as a quadword absolute time value, the date of the last noninteractive login.

UAI$_LGICMD

Sets, as an OpenVMS RMS file specification, the name of the default login command file.

Because a file specification can include up to 63 characters plus a size-byte prefix, the buffer length field of the item descriptor should specify 64 (bytes).

UAI$_LOCAL_ACCESS_P

Sets, as a 3-byte value, the range of times during which local interactive access is permitted for primary days. Each bit set represents a 1-hour period, from bit 0 as midnight to 1 a.m., to bit 23 as 11 p.m. to midnight.

The buffer length field in the item descriptor should specify 3 (bytes).

UAI$_LOCAL_ACCESS_S

Sets, as a 3-byte value, the range of times during which local interactive access is permitted for secondary days. Each bit set represents a 1-hour period, from bit 0 as midnight to 1 a.m., to bit 23 as 11 p.m. to midnight.

The buffer length field in the item descriptor should specify 3 (bytes).

UAI$_LOGFAILS

Sets the count of login failures.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

UAI$_MAXACCTJOBS

Sets the maximum number of batch, interactive, and detached processes that can be active at one time for all users of the same account. The value 0 represents an unlimited number.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

UAI$_MAXDETACH

Sets the detached process limit. The value 0 represents an unlimited number.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

UAI$_MAXJOBS

Sets the active process limit. A value of 0 represents an unlimited number.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

UAI$_NETWORK_ACCESS_P

Sets, as a 3-byte value, the range of times during which network access is permitted for primary days. Each bit set represents a 1-hour period, from bit 0 as midnight to 1 a.m., to bit 23 as 11 p.m. to midnight.

The buffer length field in the item descriptor should specify 3 (bytes).

UAI$_NETWORK_ACCESS_S

Sets, as a 3-byte value, the range of times during which network access is permitted for secondary days. Each bit set represents a 1-hour period, from bit 0 as midnight to 1 a.m., to bit 23 as 11 p.m. to midnight.

The buffer length field in the item descriptor should specify 3 (bytes).

UAI$_OWNER

Sets, as a character string, the name of the owner of the account.

Because the owner name can include up to 31 characters plus a size-byte prefix, the buffer length field of the item descriptor should specify 32 (bytes).

UAI$_PASSWORD

Sets the specified plaintext string as the primary password for the user and updates the primary password change date. You must have SYSPRV privilege to set passwords for any user account (including your own).

The UAI$_PASSWORD and UAI$_PASSWORD2 item codes provide the building blocks for designing a site-specific SET PASSWORD utility. Note that if you create such a utility, you should also set the LOCKPWD bit in the user authorization file (UAF) to prevent users from using the DCL command SET PASSWORD and to prevent the LOGINOUT process from forcing password changes. If you create a site-specific SET PASSWORD utility, install the utility with SYSPRV privilege.

You must adhere to the following guidelines when specifying a password with UAI$_PASSWORD or UAI$_PASSWORD2:

The password must meet the minimum password length defined for the user account.
The password cannot exceed 32 characters in length.
The password must be different from the previous password.

To clear the primary password, specify the value 0 in the buffer length field.

When you use $SETUAI to change the password on an account that has the UAI$V_EXTHAUTH flag set, the UAI$V_MIGRATEPWD flag is set automatically.

Note

If you specify UAI$_PASSWORD, the UAI$_PWD_DATE item is ignored. To use these two item codes, you must use them in two separate calls.

To generate a pre-expired password, follow the instructions in the "Description" section at the end of this system service documentation."

UAI$_PASSWORD2

Sets the specified plaintext string as the secondary password for the user and updates the secondary password change date. You must have SYSPRV privilege to set passwords for any user account (including your own).

To clear the secondary password, specify the value 0 in the buffer length field.

Note

If you specify UAI$_PASSWORD2, the UAI$_PWD2_DATE item is ignored. To use these two item codes, you must use them in two separate calls.

To generate a pre-expired password, follow the instructions in the "Description" section at the end of this system service documentation.

UAI$_PBYTLM

Sets the paged buffer I/O byte count limit.

Because the paged buffer I/O byte count limit is a longword decimal number, the buffer length field in the item descriptor should specify 4 (bytes).

UAI$_PGFLQUOTA

Sets, in pagelets (on Alpha and Integrity server systems), the paging file quota.

Because the paging file quota is a longword decimal number, the buffer length field in the item descriptor should specify 4 (bytes).

UAI$_PRCCNT

Sets the subprocess creation limit.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

UAI$_PRI

Sets the default base priority.

Because this decimal number is a byte in length, the buffer length field in the item descriptor should specify 1 (byte).

UAI$_PRIMEDAYS

Sets, as a byte bit vector, the primary and secondary days of the week.

Each bit represents a day of the week, with the bit clear representing a primary day and the bit set representing a secondary day. The $UAIDEF macro defines the following symbolic names for these bits:

UAI$V_MONDAY
UAI$V_TUESDAY
UAI$V_WEDNESDAY
UAI$V_THURSDAY
UAI$V_FRIDAY
UAI$V_SATURDAY
UAI$V_SUNDAY

UAI$_PRIV

Sets, as a quadword value, the names of the privileges that the user holds.

Because the privileges are set as a quadword value, the buffer length field in the item descriptor should specify 8 (bytes).

UAI$_PWD

Sets, as a quadword value, the hashed primary password of the user.

Because the hashed primary password is set as a quadword value, the buffer length field in the item descriptor should specify 8 (bytes).

When you use $SETUAI to change the password on an account that has the UAI$V_EXTHAUTH flag set, the UAI$V_MIGRATEPWD flag is set automatically.

UAI$_PWD_DATE

Sets, as a quadword absolute time value, the date of the last password change.

Because this value is a quadword in length, the buffer length field in the item descriptor should specify 8 (bytes).

A value of --1 indicates that the password could be marked as preexpired.

Note

If you specify UAI$_PASSWORD, the UAI$_PWD_DATE item is ignored. To use these two item codes, you must use them in two separate calls.

To generate a pre-expired password, follow the instructions in the "Description" section at the end of this system service documentation.

UAI$_PWD_LENGTH

Sets the minimum password length.

Because this decimal number is a byte in length, the buffer length field in the item descriptor should specify 1 (byte).

UAI$_PWD_LIFETIME

Sets, as a quadword delta time value, the password lifetime.

Because this value is a quadword in length, the buffer length field in the item descriptor should specify 8 (bytes).

A quadword of 0 means that none of the password mechanisms will take effect.

UAI$_PWD2

Sets, as a quadword value, the hashed secondary password of the user.

Because the hashed secondary password is set as a quadword value, the buffer length field in the item descriptor should specify 8 (bytes).

UAI$_PWD2_DATE

Sets, as a quadword absolute time value, the last date the secondary password was changed.

Because this value is a quadword in length, the buffer length field in the item descriptor should specify 8 (bytes).

A value of --1 indicates that the password could be marked as preexpired.

Note

If you specify UAI$_PASSWORD2, the UAI$_PWD2_DATE item is ignored. To use these two item codes, you must use them in two separate calls.

To generate a pre-expired password, follow the instructions in the "Description" section at the end of this system service documentation.

UAI$_QUEPRI

Sets the maximum job queue priority in the range 0 through 31.

Because this decimal number is a byte in length, the buffer length field in the item descriptor should specify 1 (byte).

UAI$_REMOTE_ACCESS_P

Sets, as a 3-byte value, the range of times during which batch access is permitted for primary days. Each bit set represents a 1-hour period, from bit 0 as midnight to 1 a.m., to bit 23 as 11 p.m. to midnight.

The buffer length field in the item descriptor should specify 3 (bytes).

UAI$_REMOTE_ACCESS_S

Sets, as a 3-byte value, the range of times during which batch access is permitted for secondary days. Each bit set represents a 1-hour period, from bit 0 as midnight to 1 a.m., to bit 23 as 11 p.m. to midnight.

The buffer length field in the item descriptor should specify 3 (bytes).

UAI$_SALT

Sets the salt field of the user's record to the value you provide. The salt value is used in the operating system hash algorithm to generate passwords. $SETUAI does not generate a new salt value for you.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

By copying the item codes UAI$_SALT, UAI$_ENCRYPT, UAI$_PWD, UAI$_PWD_DATE, and UAI$_FLAGS, a site-security administrator can construct a utility that propagates password changes throughout the network. Note, however, that HP does not recommend using the same password on more than one node in a network.

UAI$_SHRFILLM

Sets the shared file limit.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

UAI$_TQCNT

Sets the timer queue entry limit.

Because this decimal number is a word in length, the buffer length field in the item descriptor should specify 2 (bytes).

UAI$_UIC

Sets, as a longword, the user identification code (UIC). For the format of the UIC, see the HP OpenVMS Guide to System Security.

UAI$_USER_DATA

Sets up to 255 bytes of information in the user data area of the system user authorization file (SYSUAF). This is the supported method for modifying the user data area of the SYSUAF. HP no longer supports direct user modification of the SYSUAF.

To clear all the information in the user data area of the SYSUAF, specify $SETUAI with a buffer length field of 0.

UAI$_WSEXTENT

Sets the working set extent, in pagelets (on Alpha and Integrity server systems), specified for the specified job or queue.

Because the working set extent is a longword decimal number, the buffer length field in the item descriptor should specify 4 (bytes).

UAI$_WSQUOTA

Sets the working set quota, in pagelets (on Alpha and Integrity server systems), for the specified user.

Because the working set quota is a longword decimal number, the buffer length field in the item descriptor should specify 4 (bytes).

Description

The Set User Authorization Information service is used to modify the user authorization file (UAF) record for a specified user.
The UAI$V_PWD_EXPIRED should only be set when the bit UAI$V_DISFORCE_PWD_CHANGE is set in the user's SYSUAF record and the comparison between the UAI$_PWD_DATE and UAI$_PWD_LIFETIME indicates a password is past its valid life.
To generate a pre-expired password, first generate a new hashed password using $HASH_PASSWORD. Then make a call to $SETUAI using either UAI$_PASSWORD or UAI$_PASSWORD2, as appropriate. Finally, make a separate call to $SETUAI to set UAI$_PWD_DATE or UAI$_PWD_DATE2 to -1.
For information about login and password expiration, see the Description section of the $GETUAI system service.
Required Access or Privileges

The following list describes the privileges you need to use the $SETUAI service:

BYPASS or SYSPRV---Allows modification of any record in the UAF (user authorization file).
GRPPRV---Allows modification of any record in the UAF whose UIC group matches that of the requester. Note, however, that you cannot change a UAF record whose UIC matches exactly the requester's UIC. Group managers with GRPPRV privilege are limited in the extent to which they can modify the UAF records of users in the same group; values such as privileges and quotas can be changed only if the modification does not exceed the values set in a group manager's UAF record.
No privilege---Does not allow access to any UAF record.

Required Quota

None
Related Services

$GETUAI

Condition Values Returned

SS$_NORMAL The service completed successfully.

SS$_ACCVIO The item list or input buffer cannot be read by the caller; or the return length buffer, output buffer, or status block cannot be written by the caller.

SS$_BADPARAM The function code is invalid; the item list contains an invalid item code; a buffer descriptor has an invalid length; or the reserved parameter has a nonzero value.

SS$_NOGRPPRV The user does not have the privileges required to modify the authorization information for other members of the UIC group.

SS$_NOSYSPRV The user does not have the privileges required to modify the authorization information associated with the user or for users outside of the user's UIC group.

RMS$_RSZ The UAF record is smaller than required; the caller's SYSUAF is likely corrupt.

This service can also return OpenVMS RMS status codes associated with operations on indexed files. For a description of RMS status codes that are returned by this service, see the OpenVMS Record Management Services Reference Manual.

$SETUP_AVOID_PREEMPT

Performs initial setup for process preemption avoidance.

Format

SYS$SETUP_AVOID_PREEMPT enable

C Prototype

int sys$setup_avoid_preempt (int enable);

Arguments

enable

OpenVMS usage: longword_unsigned

type: longword (unsigned)

access: read only

mechanism: by value

Enables or disables preemption avoidance. If the enable argument is set to 1, preemption avoidance is enabled; if 0, preemption avoidance is disabled.

Description

The Setup for Process Preemption Avoidance service is a kernel-mode initialization routine that locks the necessary internal data structures in memory so scheduling routines can access them above pageable IPL. A process or thread can then set or clear the indicator bit by calling the $AVOID_PREEMPT service.
In addition, if the process or thread has ALTPRI privilege, $SETUP_AVOID_PREEMPT sets a bit in the PKTA (a per-kernel-thread data area) to mark that the process or thread can prevent preemption by other processes or threads having the same base priority but not those that have a higher base priority.
Note that without ALTPRI, this service will still function successfully, but will only enable the $AVOID_PREEMPT service to avoid preemptions due to quantum end.
Required Access or Privileges

None
Required Quota

None
Related Services

$AVOID_PREEMPT

Condition Values Returned

SS$_NORMAL The service completed successfully.

Also, any values returned by the $LKWSET or $UNLKSET services.

$SET_DEFAULT_TRANS

Sets or clears the default transaction of the calling process.

Format

SYS$SET_DEFAULT_TRANS [efn] ,[flags] ,iosb [,[astadr] ,[astprm] ,[new_tid] ,[old_tid]]

C Prototype

int sys$set_default_trans (unsigned int efn, unsigned int flags, struct _iosb *iosb,...);

Arguments

efn

OpenVMS usage: ef_number

type: longword (unsigned)

access: read only

mechanism: by value

Number of the event flag that is set when the service completes. If this argument is omitted, event flag 0 is used.
flags

OpenVMS usage: mask_longword

type: longword (unsigned)

access: read only

mechanism: by value

Flags specifying options for the service. The flags argument is a longword bit mask in which each bit corresponds to an option flag. The $DDTMDEF macro defines symbolic names for the option flag, described in Table SYS-53. All undefined bits must be 0. If this argument is omitted, no flags are used.

Table SYS-53 $SET_DEFAULT_TRANS Option Flag
Flag Name Description

DDTM$M_SYNC Specifies successful synchronous completion by returning SS$_SYNCH. When SS$_SYNCH is returned, the AST routine is not called, the event flag is not set, and the I/O status block is not filled in.

iosb

OpenVMS usage: io_status_block

type: quadword (unsigned)

access: write only

mechanism: by reference

The I/O status block in which the completion status of the service is returned as a condition value. See the Condition Values Returned section.
The following diagram shows the structure of the I/O status block:

**Table SYS-53 $SET_DEFAULT_TRANS Option Flag**
Flag Name	Description
DDTM$M_SYNC	Specifies successful synchronous completion by returning SS$_SYNCH. When SS$_SYNCH is returned, the AST routine is not called, the event flag is not set, and the I/O status block is not filled in.

astadr

OpenVMS usage:	ast_procedure
type:	procedure entry mask
access:	call without stack unwinding
mechanism:	by reference

The AST routine executed when the service completes, if SS$_NORMAL is returned in R0. The astadr argument is the address of the entry mask of this routine. The routine is executed in the same access mode as that of the caller of the $SET_DEFAULT_TRANS service.

astprm

OpenVMS usage:	user_arg
type:	longword (unsigned)
access:	read only
mechanism:	by value

The AST parameter passed to the AST routine specified by the astadr argument.

new_tid

OpenVMS usage:	trans_id
type:	octaword (unsigned)
access:	read only
mechanism:	by reference

The identifier (TID) of the new default transaction for the calling process. If this argument is zero (the default) or if it specifies a zero TID (an octaword of zeros), the service clears the default transaction of the calling process.

old_tid

OpenVMS usage:	trans_id
type:	octaword (unsigned)
access:	write only
mechanism:	by reference

An octaword in which the service returns the identifier (TID) of the calling process' previous transaction (the one that was set or cleared by this call to $SET_DEFAULT_TRANS).

A zero TID is returned if the calling process did not have a default transaction prior to the call.

Description

The $SET_DEFAULT_TRANS system service:

Sets or clears the default transaction of the calling process.
If either the new_tid argument passes the null value or the new_tid argument is omitted or zero, then the default transaction of the calling process is cleared. Otherwise the default transaction of the calling process is set to the value passed in the new_tid argument.
Returns the identifier (TID) of the previous default transaction of the calling process (the one that was set or cleared by this call to $SET_DEFAULT_TRANS), if the old_tid argument is not zero.

$SET_DEFAULT_TRANS may fail for various reasons, including a call to $START_TRANS or $START_BRANCH that changes the default transaction of the calling process in progress.
Following a successful completion of $SET_DEFAULT_TRANS:

The calling process does not have a default transaction, if either the new_tid argument passed the null value or the new_tid argument was omitted or zero.
The default transaction of the calling process is that passed in the new_tid argument, if that argument was specified and its value was not zero.
The identifier (TID) of the previous default transaction of the calling process is returned in the old_tid argument, if that argument was not omitted.
A null value is returned if the calling process did not previously have a default transaction.

There is also a wait form of the service, $SET_DEFAULT_TRANSW.

Required Privileges

None.

Required Quotas

ASTLM

Related Services

$ABORT_TRANS, $ABORT_TRANSW, $ACK_EVENT, $ADD_BRANCH, $ADD_BRANCHW, $CREATE_UID, $DECLARE_RM, $DECLARE_RMW, $END_BRANCH, $END_BRANCHW, $END_TRANS, $END_TRANSW, $FORGET_RM, $FORGET_RMW, $GETDTI, $GETDTIW, $GET_DEFAULT_TRANS, $JOIN_RM, $JOIN_RMW, $SETDTI, $SETDTIW, $SET_DEFAULT_TRANSW, $START_BRANCH, $START_BRANCHW, $START_TRANS, $START_TRANSW, $TRANS_EVENT, $TRANS_EVENTW

Condition Values Returned

SS$_NORMAL If returned in R0, the request was successfully queued. If returned in the I/O status block, the service completed successfully.

SS$_SYNCH The service completed successfully and synchronously (returned only if the DDTM$M_SYNC flag is set).

SS$_ACCVIO An argument was not accessible to the caller.

SS$_BADPARAM The options flags were invalid.

SS$_EXASTLM The process AST limit (ASTLM) was exceeded.

SS$_ILLEFC The event flag number was invalid.

SS$_INSFARGS A required argument was missing.

SS$_INSFMEM There was insufficient system dynamic memory for the operation.

SS$_WRONGSTATE The default transaction was being changed at the time of the call.

Contents

Index

SS$_NORMAL	The service completed successfully.
SS$_ACCVIO	The item list or input buffer cannot be read by the caller; or the return length buffer, output buffer, or status block cannot be written by the caller.
SS$_BADPARAM	The function code is invalid; the item list contains an invalid item code; a buffer descriptor has an invalid length; or the reserved parameter has a nonzero value.
SS$_NOGRPPRV	The user does not have the privileges required to modify the authorization information for other members of the UIC group.
SS$_NOSYSPRV	The user does not have the privileges required to modify the authorization information associated with the user or for users outside of the user's UIC group.
RMS$_RSZ	The UAF record is smaller than required; the caller's SYSUAF is likely corrupt.

OpenVMS usage:	longword_unsigned
type:	longword (unsigned)
access:	read only
mechanism:	by value

OpenVMS usage:	ef_number
type:	longword (unsigned)
access:	read only
mechanism:	by value

OpenVMS usage:	mask_longword
type:	longword (unsigned)
access:	read only
mechanism:	by value

OpenVMS usage:	io_status_block
type:	quadword (unsigned)
access:	write only
mechanism:	by reference

SS$_NORMAL	If returned in R0, the request was successfully queued. If returned in the I/O status block, the service completed successfully.
SS$_SYNCH	The service completed successfully and synchronously (returned only if the DDTM$M_SYNC flag is set).
SS$_ACCVIO	An argument was not accessible to the caller.
SS$_BADPARAM	The options flags were invalid.
SS$_EXASTLM	The process AST limit (ASTLM) was exceeded.
SS$_ILLEFC	The event flag number was invalid.
SS$_INSFARGS	A required argument was missing.
SS$_INSFMEM	There was insufficient system dynamic memory for the operation.
SS$_WRONGSTATE	The default transaction was being changed at the time of the call.