HP OpenVMS Systems Documentation

OpenVMS Management Station allows you to organize the systems you need to manage in ways that are meaningful to you and your environment, and allows you to manage user accounts on those systems.

You can easily manage user accounts across multiple OpenVMS systems, depending on your needs. The systems might be some of the clusters in a network, all of the systems on one floor of a building, a mix of clusters and nonclustered nodes, and so forth.

You can use OpenVMS Management Station to manage OpenVMS user accounts in a convenient, easy manner. For example, when creating an account on multiple systems, OpenVMS Management Station can add a user authorization file (UAF) entry, grant rights identifiers, create an OpenVMS directory, set a disk quota, set up OpenVMS Mail characteristics, and so forth, for each instance of the account.

OpenVMS Management Station manages the following OpenVMS resources:

• The SYSUAF.DAT user authorization file
• The RIGHTSLIST.DAT user rights file
• The network proxy database
• Account login-directory trees
• User account disk quotas
• The OpenVMS Mail VMSMAIL_PROFILE.DATA file

The OpenVMS Management Station supports the following account management operations:

• Creating user accounts
• Modifying user accounts (any aspect)
• Deleting user accounts
• Renaming user accounts
• Displaying user account attributes

You perform many system management tasks by entering DCL (DIGITAL Command Language) commands. For example, enter the DCL command MOUNT to make disks and tapes available to the system. Most of the DCL commands used by system managers require special privileges (such as OPER privilege).

The general format of a DCL command is as follows:

Because a command can be continued on more than one line, the term command string is used to define the entire command. A command string is the complete specification of a command, including the command name, command qualifiers, parameters, and parameter qualifiers.

For complete descriptions of each DCL command, refer to online DCL help or the OpenVMS DCL Dictionary. If you are not familiar with DCL command syntax, refer to the OpenVMS User's Manual.

2.1.3 System Messages

When you enter commands in DCL or in utilities, the system returns messages to help you understand the result of each command. System messages can indicate the following information:

• Successful completion of a command
• Information about the effect of the command
• Warning about the effect of the command
• Failure to successfully complete the command

At times, you might need to interpret a system message, for example, to find out how to recover from a warning or failure. The Help Message utility allows you and system users to quickly access online descriptions of system messages from the DCL prompt.

For more information about the Help Message utility, refer to the OpenVMS System Messages: Companion Guide for Help Message Users. In addition, the OpenVMS System Messages and Recovery Procedures Reference Manual provides detailed descriptions of system messages.

2.1.4 DCL Command Procedures

You can use command procedures to efficiently perform routine tasks. A command procedure is a file containing DCL commands and, optionally, data used by those DCL commands. When you execute a command procedure, the system reads the file and executes the commands it contains. This eliminates the need for you to enter each command interactively. You can create command procedures to automate some of the routine system management tasks specific to your site.

A simple command procedure can contain a sequence of commands that you use frequently. For example, you could include the following commands in a command procedure called GO_WORK.COM:

$ SET DEFAULT [PERRY.WORK]
$ DIRECTORY
$ EXIT

When you execute this command procedure with the command @GO_WORK, you set your default directory to [PERRY.WORK] and display a list of files in that directory.

With complex command procedures, you can use DCL instead of a high-level programming language. For more information about creating command procedures, refer to the OpenVMS User's Manual.

2.1.4.1 Executing Command Procedures in Batch Mode

You can execute command procedures in batch mode by submitting the procedure to a batch queue. When resources are available, the system creates a batch process to execute the commands in the procedure. Usually, processes running in batch mode execute at a lower process priority to avoid competing with interactive users for system resources.

You might execute a command procedure in batch mode for the following reasons:

• To automate a task
• To process work at a lower scheduling priority, so as not to compete with interactive users for system resources
• To perform a task during off hours, such as at night or on weekends
• To allow an operation to continue without having a terminal logged in, thereby increasing the security of the system

A batch-oriented command procedure can include a command to resubmit itself to a batch queue, thereby repetitively performing the task with no user intervention. For example, you might create a batch-oriented command procedure to run the Analyze/Disk_Structure utility (ANALYZE/DISK_STRUCTURE) to report disk errors. If you include a command to resubmit the procedure to a batch queue, the procedure will automatically execute when scheduled, unless errors cause the procedure to fail. The following example is a simple command procedure, named SYSTEM-DAILY.COM:

$ SET NOON
$! Resubmit this procedure to run again tomorrow.
$!
$ SUBMIT/KEEP/NOPRINT/QUEUE=SYS$BATCH/AFTER="TOMORROW+1:00"/USER=SYSTEM -
  SYS$MANAGER:SYSTEM-DAILY.COM;
$!
$! Purge the log files
$ PURGE/KEEP=7 SYS$MANAGER:SYSTEM-DAILY.LOG
$!
$! Analyze public disks
$!
$ ANALYZE/DISK/LIST=SYS$MANAGER:WORK1.LIS; WORK1:
$ ANALYZE/DISK/LIST=SYS$MANAGER:WORK2.LIS; WORK2:
$!
$! Print listings
$!
$ PRINT/QUEUE=SYS$PRINT SYS$MANAGER:WORK1.LIS;,SYS$MANAGER:WORK2.LIS;
$ EXIT

Compaq provides several command procedures for managing a system. Table 2-1 lists some commonly used command procedures.

With the operating system, Compaq supplies a number of system management utilities to help perform system management tasks. A system management utility is a program that performs a set of related operations. For example, the Mount utility (MOUNT) makes disks and tapes available to the system, and the Backup utility (BACKUP) saves and restores files.

Most system management utilities require special privileges. Generally, you run these utilities from the SYSTEM account, which has all privileges by default. Section 2.2 describes logging in to the SYSTEM account.

You invoke some utilities using the following command format:

To invoke other utilities, such as MOUNT and ANALYZE/DISK_STRUCTURE, enter a DCL command. For example:

$ ANALYZE/DISK_STRUCTURE

This manual does not describe the following utilities in detail:

To help you perform basic system management tasks, Compaq provides a command procedure named SYS$EXAMPLES:MGRMENU.COM. This procedure displays a menu that you can use to perform the following tasks:

• Add a user account
• Build a standalone BACKUP kit
• Shut down your system

You can use this command procedure as is, or modify it to serve your own site-specific needs. If you modify this procedure, Compaq recommends you first copy the procedure to another directory (for example, SYS$MANAGER), so that an original version of MGRMENU.COM is always available in the SYS$EXAMPLES directory.

To see and use the menu, enter the following command:

$ @SYS$EXAMPLES:MGRMENU

To use system management utilities and perform system management functions, log in to the system manager's account (SYSTEM).

How to Perform This Task

1. Press Return on the console terminal.
2. At the Username prompt, enter SYSTEM.
3. At the Password prompt, enter the password that you chose for the SYSTEM account when you installed or upgraded the operating system, or the current password if you changed it since then.
4. The system displays a welcome message on the console terminal. If you have logged in previously, the system also prints the time of your last login. When the dollar sign ($) prompt appears, login is complete and you can enter commands.

Example

On VAX systems:

Username: SYSTEM
Password:
        Welcome to OpenVMS VAX Version n.n on node x
    Last interactive login on Thursday, 20-FEB-2000 16:41
    Last non-interactive login on Friday, 21-FEB-20000 17:06

On Alpha systems:

Username: SYSTEM
Password:
        Welcome to OpenVMS Alpha (TM) Operating System, Version n.n on node x
    Last interactive login on Thursday, 20-FEB-2000 16:41
    Last non-interactive login on Friday, 21-FEB-2000 17:06

If you manage more than one computer, you can use the System Management (SYSMAN) utility to centralize system management.

The following table lists some major SYSMAN features and points to sections in this chapter that contain more information.

SYSMAN centralizes system management, so that you, as system manager, can manage nodes or clusters from one location. Rather than logging in to individual nodes and repeating a set of management tasks, SYSMAN enables you to define your management environment to be a particular node, a group of nodes, or an OpenVMS Cluster environment. With a management environment defined, you can perform traditional system management tasks from your local node; SYSMAN executes these tasks on all nodes in the target environment.

2.3.1.1 Privileges Required

You must have the following to run SYSMAN:

• OPER and TMPMBX privileges
• A separate account with no more than 125 rights, or enough identifiers removed from the current account so the total number of rights falls within the appropriate range.
  The rights limitation of 125 includes a minimum of three identifiers that are granted during login when the process rights list is created:
  • A UIC identifier
  • A system identifier
  • At least one environmental identifier, depending upon the environment in which the process is operating

If you run SYSMAN from an account with more than 125 rights identifiers, and the environment is set to a remote node, the following error message is displayed:

SMI-E-RIGHTSLIM, Rights limit exceeded.

Note that this rights identifier limitation includes a minimum of three identifiers besides the rights identifiers that are associated with a user authorization record:

• A UIC identifier
• A system identifier
• Depending upon the environment in which the process is operating, at least one environmental identifier

To run SYSMAN, you must have either of the following:

• A separate account with no more than 125 rights identifiers
• Enough identifiers removed from your current account so that the total number of rights falls within the appropriate range

SYSMAN uses many of the same software tools that you traditionally use to manage a system. It can process most DCL commands, such as MOUNT and INITIALIZE. It can also execute many system management utilities and command procedures, such as AUTHORIZE and AUTOGEN.

SYSMAN also includes its own commands that let you perform the following tasks: