User Administration Commands
LeasePak Documentation Suite NETSOL website
Home Search Help
User Accounts

LeasePak Server Configuration and Maintenance

User Administration Commands

User Administration Commands

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

Detailed Discussions of User Account Creation

Topics

  • Environments
    • production environment
    • administrative environment
    • test environment
    • visitor environment
    • host environment
  • DBMS
    • database server
    • database system
    • primary database system
    • SQL
  • General
    • OS
    • shell
      • bash
      • csh
      • ksh
      • sh
    • command history
    • command prompt
    • environment variable
    • shell programs
    • vi
  • Networking
    • TCP port
    • terminal
    • terminal emulator
    • terminal type
    • internet service
    • IP address
  • Hosts
    • application host
    • DBMS host
  • LeasePak
    • NetSol help desk
    • NetSol Technologies North America
    • SETUP
      • LeasePak instance
      • NSTDIR
        • NetSol directory
      • top directory
      • upper level directories
    • LeasePak driver
    • LeasePak start-up files
    • LeasePak utilities
    • LeasePak utility 108
    • LeasePak utility 112
    • LeasePak client
    • Naming Conventions
      • Strict naming convention
      • Loose naming convention
    • LeasePak release
      • build
        • build-descriptor
        • build ID
        • build ID alias
  • LLDB
    • LLDB properties
    • database type
    • DBO
  • Password
    • client string password
    • Unix string password
    • SQL server string password
    • translated password
    • password of the day
    • alphanumeric character
    • character
  • Users and Roles
    • LeasePak roles
      • system administrator
      • LeasePak administrative user
        • NSTDBA
          • LeasePak database admini-strator
        • NSTADMIN
          • LeasePak release admini-strator
        • $SRVADM
          • database server admini-strator
        • security authority
        • DBO
          • logical database owner
      • LeasePak non-administrative user
        • LeasePak user
        • LeasePak supervisor
        • regular user
        • restricted user
          • report user
          • partial update user
        • LeasePak security record
      • OS user
        • UID
        • Unix account
        • $HOME directory
        • shell start-up files
        • access modes
      • DBMS user
        • OS group
          • NSTGROUP
          • GID
  • Commands
    • NetSol utility script
      • whatami
      • useradd
      • setup_new_env
      • db_add_login
      • db_add_user
      • db_create

This page covers 9 utilities that are essential for setting up users to use the LeasePak system. These utilities are the same ones described in How to Create Non-Administrative Users.

The commands marked with a dagger (†) are not needed for hosted user administration.

lease /util 112

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

LeasePak Password Translation
Use lease /util 112 to translate the client string password into the equivalent SQL Server string password, the Unix string password, and finally the RSC string password. These four password strings are tied together and they must remain tied or the user will not be able to access LeasePak successfully. Any changes must originate with the client string password, translated into the three additional working versions by lease /util 112.
lease /util 112 may be run by anyone in the $NSTGROUP group, even by the LeasePak administrative users such as $NSTADMIN and $NSTDBA, who are not able to run LeasePak themselves. It requires no LLDB, no database server, and no Queue Manager services. It does require that the user has executed a LeasePak start-up file, such as .lplogin or .lpprofile, either via a shell start-up file or by directly . .lplogin or source .lpprofile from the shell prompt.
The operator who executes lease /util 112 requires no special permissions or privileges.

Common Usage

The following is an example of using lease /util 112:
[nsadm76a:~]  lease /util 112
where

lease /util 112 Worksheet

Note the following values for running lease /util 112:
Name Description Your Value Notes
client string password the "plain-text" password used to log onto the LeasePak client should conform to site password policies for strength, complexity, and frequency of change
SQL server string password the translated version of the client string passsord for database use will be used by LeasePak software for accessing the LLDBand the database server. This is the password that should be used with db_add_login.
Unix string password the translated version of the client string passsord for OS use will be used by LeasePak software for logging onto the DBMS host and onto the application host. This is the password that should be used with the shell also.
RSC string password the translated version of the client string passsord for hosted user use will be used by LeasePak software for logging a hosted user onto the LeasePak client-server connection.

Running lease /util 112

Log on the application host as any user who is a member of the $NSTGROUP group who has a LeasePak start-up file assigned to his $HOME directory. Immediately after LeasePak is installed on the application host, the $NSTADMIN and $NSTDBA administrative users can execute the utility per the usage shown below. The $NSTADMIN will obtain the passwords for the LeasePak Supervisor and configure that account, so that s/he will then be able to execute this utility for all other users.

How to run lease /util 112:
Run lease /util 112 with the usage described above.

[nsadm76a:~]  lease /util 112

The command will produce a display similar to the screen print below. 

  [lpuser:~] lease /util 112
  This Utility option may be used to translate a Client password 
  into the equivalent Unix and SQL Server passwords.
  
  Do you wish to continue (Y/N)? Y 
  
  
Enter the Client password, <RETURN> to exit: aardvark

Client password     : aardvark
SQL Server password : ketxjyf3
Unix password       : bfuumxi0
RSC password        : eanfvmv7

Enter the Client password, <RETURN> to exit:
[lpuser:~]

useradd

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

† Setting up the OS User
The System Administrator uses a command like useradd to add new OS user accounts. This is not a function of LeasePak, but of ordinary administration of the hosts. LeasePak of course depends on this administration, but places only a few requirements on how it is accomplished.
The following list of requirements applies to dedicated users only, proxy and hosted users have different requirements; see below.
IMPORTANT NOTE
LeasePak Requirements for User Accounts

LeasePak OS users must have the following:

  • a single unique name that is valid in the OS, in the database system, in LeasePak itself, within the corporate standards of the business licensed to use LeasePak, and is allowed by the applicable Naming Convention.
  • if a site employs multiple hosts, UIDs, GIDs, user names and user passwords must be consistent across all LeasePak hosts.
  • all LeasePak-enabled logins must belong to the $NSTGROUP as its primary login group
  • each LeasePak-enabled login must have its own home directory located in $HOME in order to maintain separate collections of reports which might otherwise overwrite reports generated by other users
  • each LeasePak-enabled login must also have an account created by db_add_login in the database system that contains the LLDB that the user is assigned by use of change_env or accesses via the LeasePak client.
  • each LeasePak-enabled login must have access to the LLDB in their assigned environment through db_add_user
  • each LeasePak-enabled login that also has shell access must have shell start-up files (.login, .profile, etc) that read LeasePak start-up files assigned using change_env
IMPORTANT NOTE
LeasePak Requirements for Hosted Users

Hosted users must have the following:

  • A unique username within the application host and the database host.
  • A home directory on the application host for reports and other files generated by LeasePak.
  • A record in the RSC security table that contains their RSC string password.
  • Access to a shared port on the application host, properly set up by a proxy user.
IMPORTANT NOTE
LeasePak Requirements for the Proxy User

The Proxy user must have the following:

db_add_login

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

† Creating a User Account in the Database System
Use db_add_login to add a user who is already an OS user to the database system in order for that user to utilize the services provided by the database server, such as access to an LLDB.
db_add_login may only be run by $NSTDBA, the LeasePak database administrator. It requires that the database server db-type selected on the command line be up and running and capable of executing interactive SQL commands; does not require the services of the Queue Manager.
The operator who executes db_add_login must know or have access to the password of the $SRVADM.
Unlike most db_* commands, db_add_login does not affect a particular LLDB or environment, so there is no environment parameter given when executing it.

Common Usage

The following is an example of using db_add_login:
[nsdba76a:~]  db_add_login db-type user-name user-password

where

  • db-type indicates to which database system the user login is to be added: ora indicates Oracle and syb indicates Sybase. This is necessary because two LeasePak instances can be installed to each run on one of two installed database systems on a single host.
  • user-name is an existing OS user who has not previously been added to the database system.
  • user-password is the user's SQL server string password translated password obtained by running lease /util 112.
  • Other inputs
    • The operator will be prompted for the password of the $SRVADM (the database server administrator) . For security, the characters of the password are not printed on the screen as the operator types them.

db_add_login Worksheet

Note the following values for running db_add_login:

Name Description Your Value Notes
db-type database type ora for Oracle or syb for Sybase
user-name OS account login name existing OS user name, not already added to the database system
user-password SQL server password from lease /util 112 This password is tied to the client string password and to the Unix string password. The SQL Server string password and the Unix string password are derived together from the client string password in lease /util 112.
$SRVADM's password Database server administrator's password The System Administrator assigned the $SRVADM password during LeasePak SETUP (installation). db_add_login is one of the LeasePak utility programs that accesses the database server using $SRVADM's credentials, hence its password is required

Running db_add_login

Log on the application host as $NSTDBA.

Run db_add_login with the usage described above.

[nsdba76a:~]  db_add_login ora jstettner ketxjyf3

Or, for increased security:

[nsdba76a:~]  db_add_login ora jstettner

The above form of the prompts for the user password, and the command runs without:

The command will produce a display similar to the screen print below. 

  [nsdba76a:~] db_add_login ora jstettner ketxjyf3
  2011-09-09 15:21:21 db_add_login: Add ora DBMS login jstettner
  2011-09-09 15:21:21 db_add_login: Running commands as srvadm
  
  Server Administrator 'srvadm' password: srvadm's password
  2011-09-09 15:21:30 db_add_login: Start: ora jstettner
  2011-09-09 15:21:31 db_add_login: End
  [nsdba76a:~]

db_add_user

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

† Granting Access to LLDB to user
Use db_add_user to grant to an existing user within the database system access to the LLDB attached to a LeasePak environment.
db_add_user may only be run by $NSTDBA. It requires that the database server for the db-type determined when the selected environment was built using setup_new_env be up and running and capable of executing interactive SQL commands; does not require the services of the Queue Manager.
The operator who executes db_add_user must know or have access to the DBO's password, which was set when the LLDB was built using db_create.
Like most db_* commands, db_add_user affects a particular LLDB which is determined by the environment given as the first parameter to the command.
The db_add_user command may only be run from production environments and test environments; visitor environments are not allowed to perform configuration-changing tasks on the LLDBs they point to. The original, or host environment, given when the visitor environment was created, must be used for performing configuration-changing tasks such as db_add_user.

Common Usage

The following is an example of using db_add_user:
[nsdba76a:~] db_add_user env-name user-name access-group

where

  • env-name indicates the LeasePak environment which contains the LLDB that will be affected by the command
  • user-name is the name of an existing user login within the database system, who is not already a user of the LLDB
  • access-group is either msi or msir. msi is the access that all users who access LeasePak using the LeasePak client, and grants read and write permission on all LeasePak tables, and execute permission on all LeasePak stored procedures. msir grants only read permission on the LeasePak tables. It cannot be used to access LeasePak through the LeasePak client or to access any LeasePak Utility on the application host. msir is intended for use by non-LeasePak users such as analysts or auditors who require read access but will not be able to make any changes to the data.
  • Other inputs
    • The operator will be prompted for the password of the DBO (the Database Owner). For security, the characters of the password are not printed on the screen as the operator types them.
db_add_user Worksheet

Note the following values for running db_add_user:

Name Description Your Value Notes
env-name environment name l Must have been previously created using setup_new_env; the LLDB that the environment points to must exist; the environment must be a test environment or a production environment.
user-name Database server login name existing DBMS user name, not already granted access to the LLDB
access-group LLDB access group either msi for all LeasePak users; or msir for read-only analysts
DBO's password LLDB owner's password the DBO password, assigned when the DBO was created, most likely at the same time the LLDB was built using db_create

Running db_add_user

Log on the application host as $NSTDBA.

Run db_add_user with the usage described above.

[nsdba76a:~]  db_add_user prod jstettner msi

The command will produce a display similar to the screen print below. 

  [nsdba76a:~] db_add_user prod jstettner msi
  2011-09-10 18:39:50 db_add_user: Add user jstettner to (prod)lpr_prod
  2011-09-10 18:39:50 db_add_user: Running commands as lpr_prod
  
  Database Owner 'lpr_prod' password: DBO's password
  2011-09-10 18:39:58 db_add_user: End
  [nsdba76a:~]

Unix Start-up files

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

† Preparing the User Account to Enter LeasePak

Many Unix/Linux commands have associated with them initialization files. These are usually plain text files, that end-user can modify to suit their needs with just a simple text editor. So it is in the OS itself, where there are many initialization files stored on the hosts.

Often these files have names that incorporate the characters "rc", which stand for "runcom", which itself is an abbreviation of "run commands" or "run control" or "run configure," according to posts on StackExchange, Wikipedia, and other sites.

An "rc" file then is a file of commands used to configure a software program when it first starts to run. Unix/Linux use rc files as the OS starts to run following boot-up. The shells are programs that provide the basic user interface for the OS. They can also be considered CLIs (Command-Line-Interfaces). Their primary purpose is to allow humans to control and command the computer in its work, and for the computer to give its output to the humans who tend it.

For the purposes of this discussion, we will divide the world of Unix/Linux shell programs into two camps: (1) is sh (bourne sh, posix sh, bash, ksh, and others) and (2) is csh (csh, tcsh, and others). When a shell starts, it reads its native configuration files. sh shells read profile or .profile files in the system /etc directory, or the user's home directory. Csh reads login or .login files found in the same locations as the (.)profile files. They often contain very similar information, but they often have marked differences, too.

One place where this difference shows up is in how scripts are interpreted by the different shells. The differences are widespread enough to make it very difficult to write a single script that will run correctly under both shells. NetSol has developed a technique, a system of script functions (available only under sh) and aliases (available in both shells), that allow carefully written scripts to run correctly under either shell. Files that contain these limited scripts are tagged msirc files, and bear the file extension '.msirc'.

Files of this type are characterized as "shell neutral". Msirc files are not used to implement LeasePak functions, but instead are used to provide a single source for configuration of both types of shells. The run-time configuration of LeasePak shells is accomplished using this form of scripting.

When a Unix user logs onto a LeasePak server, his or her shell will execute the .login file in the user's home directory or the .profile file, etc. For LeasePak, the start-up file must set a few environmental variables and then start running a series of scripts, some named "*rc", which will configure the shell environment for LeasePak. This shell environment gives its user the ability to access LeasePak utilities, and to examine files and directories containing LeasePak data, and to execute allowed system utilities.

The shell start-up files are the ones mandated by the version of the operating system and the shell program the user uses. Primarily, these are .profile and .login, but include (for csh shells) .cshrc, .history, and any others that the shell, or OS, start-up files are programmed to read. Thus, when a shell start-up file reads a LeasePak start-up file, then that shell is considered "logged into LeasePak", and "has a LeasePak environment", and "is configured for LeasePak."

Use vi to modify a user's shell start-up file to configure his or her account for LeasePak upon logging in.
Modifying a user's shell start-up file may be performed by the system administrator or by the individual user, depending on who owns the files and what kind of access modes the files have been given. This modification should be performed by the administrator upon creation of the user's OS account.

IMPORTANT NOTE

LeasePak User Types and Start-up Files

Unix start-up files are an essential element for a user's ability to run a on the application host. Generally only those LeasePak users who require shell access will have shell start-up files that may require modification. Therefore, Report Users and Partial Update Users should not have Unix start-up files that require modification.

Only the administrative users, $NSTADMIN and $NSTDBA, the LeasePak supervisor and those regular users with shell access may have a Unix start-up files that may require modification.

If the System Administrator chooses to use the template Unix start-up files located in LeasePak' $live/lib directory, sample.login and sample.profile, as the basis for the start-up files of the LeasePak users he or she creates, then the modification required is already incorporated. If the System Administrator uses files of a different origin, then the functionality provided in the template files must be inserted into the start-up files used.

Modifying the Unix start-up files

Below are the contents of the two template Unix start-up files provided in $live/lib. These are truly minimal start-up files, and probably not adequate in and of themselves to fully provision a user for anything but accessing LeasePak at the shell level; they are adequate for that task.

Below is the template file sample.login. It is intended for use by users who are using the csh or tcsh command shells: 

###############################################################
# NetSol Sample .login file
# $Revision: 6.2.0.2 $ $Date: 2011/09/11 00:26:42 $
###############################################################
# Set up the default search paths:
set path=( $path . )

#set up the terminal
eval `tset -s -Q -m ':?vt100' `
stty erase "^H" kill "^U" intr "^C" eof "^D" susp "^Z" hupcl ixon ixoff tostop
tabs    

alias cd 'cd \!*; set prompt="[${LOGNAME}:${cwd}] "'
cd $cwd

#  Source user's .lplogin file to set up LEASEPAK/UX environment

		if ( -f $HOME/.lplogin )  then 
				source $HOME/.lplogin
		else
				echo "Warning:  You don't have a .lplogin file"
		endif

Below is the template file sample.profile. It is intended for use by users who are using the sh, ksh, or bash command shells: 

###############################################################
# NetSol Sample .profile file
# $Revision: 6.2.0.3 $ $Date: 2011/09/11 00:31:49 $
###############################################################
# Set up the terminal:
		eval ` tset -s -Q -m ':?vt100' `
		stty erase "^H" kill "^U" intr "^C" eof "^D"
		stty hupcl ixon ixoff
		tabs

# Set up the search paths:
		PATH=$PATH:.

# Set up the shell variables:
		EDITOR=vi
		export EDITOR

# Source user's .lpprofile file to set up LEASEPAK/UX environment

		if [ -f $HOME/.lpprofile ] ; then 
				. $HOME/.lpprofile
		else
				echo "Warning:  You don't have a .lpprofile file!"
		fi

In both cases, the sample start-up files set up the user's terminal or terminal emulator, set up a path variable, and set some other environment variables.

They both then check for the existence of a LeasePak start-up file in the user's home directory, and if found, read it into the shell process, but if not found, print a message to the user advising them that no LeasePak start-up file was found.

CRITICAL NOTE

In Order for LeasePak to Work

The user's environment must assign to the TERM or term variable (depending on which shell is in use) a value that is supported by the Queue Manager. See System Requirements Terminal Emulation for more information.

IMPORTANT NOTE

LeasePak Start-up Files

When a LeasePak environment is created using setup_new_env, two LeasePak start-up files are created: .lplogin and .lpprofile. In order for a user shell to be configured for LeasePak, the user's .login or .profile file must read in the appropriate one of these LeasePak start-up files. The next section discusses how to make this happen.

change_env

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

† Providing User with Environment-Specific Start-Up

Use change_env to set the environment that a user with shell access will log into when they log onto the application host. change_env copies the LeasePak start-up files described above to the user's home directory.

change_env may be executed only by $NSTADMIN. It requires neither the services of the database server nor the services of the Queue Manager.

IMPORTANT NOTE

change_env and the LeasePak Administrative Users

The $NSTADMIN cannot use change_env to affect its own account or the account of the $NSTDBA. These accounts are pre-configured by the SETUP program to point to the primary DBMS's administrative environment and must remain configured that way.

The roles of $NSTADMIN and $NSTADBA are to administer the entire release and its databases, not just a single environment or database.

Common Usage

The following is an example of using change_env:
change_env user-name release-version env-name modes

where

  • user-name is the OS user name of the user whose environment is to be set. This user should already be completely set up in LeasePak by the System Administrator and the LeasePak supervisor following the procedures outlinedhere.
  • release-version is the LeasePak release version that contains the environment that the use is assigned to
  • env-name is the environment to which the user is assigned, and to which he has been given access via the above-mentioned procedures
  • modes are the file access modes that are to be applied to the copies of the LeasePak start-up files in the user's $HOME directory by change_env. If the user is allowed to change his own environment, then the modes should be 660, writable by owner and group. If the user is not allowed to change her own environment, then the modes should be 640, writable only by owner, who will be $NSTADMIN.

change_env Worksheet

Note the following values for running change_env:
Name Description Your Value Notes
user-name Database server login name existing fully configured LeasePak user name, whose home directory is either writable by $NSTGROUP or contains LeasePak start-up files which are writable by $NSTGROUP or by $NSTADMIN
release-version LeasePak release version where environment is located Must exist and contain indicated environment; its top directory must be within the $NSTDIR directory tree
env-name environment name Must have been previously created using setup_new_env; the LLDB that the environment points to must exist; the environment and its LLDB be accessible to the user
access-modes file access modes to apply to start-up files 660 if user is to be able to change his or her own environment, 440 if not

The very first LeasePak user in a new installation of course cannot acquire the .lp* files using change_env, because that user has no start-up file, he or she has no LeasePak commands like change_env available. This user, usually the LeasePak Supervisor, must copy the files from the environment to the home directory, using this command line to do so:

[lpsup76a:~]  cp top-dir/env/env-name/etc/.lp* $HOME

where top-dir is the top directory and env-name is the environment name.

Running change_env

Log on the application host as $NSTADMIN.

Run change_env with the usage described above.

[nsadm76a:~]  change_env jstettner v76a prod 640

The command will produce a display similar to the screen print below. 

[nsadm76a:~] change_env jstettner v76a prod 640
2011-09-15 05:07:47 change_env: Environment for jstettner changed to version v76a, prod 
environment

Be sure jstettner logs off and logs in again to have changes take effect
[nsadm76a:~]
Note that the resulting files are owned by $NSTADMIN, and are not writable by the user; this is the effect of the 640 access modes. Note also that the original LeasePak start-up files were backed up with the extended name _bak.

whatami

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

† Identifying User Current Environment
Use whatami to determine which environment the user is set up to log into.
whatami may be executed by any dedicated user who is configured for LeasePak. whatami is not used to determine if a user is configured for a LeasePak environment; it is used to determine which LeasePak environment the user is configured for. It requires neither the services of the database server nor of the Queue Manager.

Running whatami

Log on the application host as any LeasePak user with shell access

Run whatami as follows:

[lpuser:~] whatami

The command will produce a display similar to the screen print below.

[lpuser:~] whatami
User : jstettner
LeasePak version : v76a
Installed in : /opt/nst/v76a
Environment name : prod
Environment type : PRODUCTION

Database name : lpr_prod
DBMS name : Sybase
Database server : SEVILLE
Database home : /opt/sybase

Designated build : live
Current linked-in build : bld7.60.1234
Executable directory is a : link to build directory

You will need the following for LeasePak PC Client setup:
IP Address or name : seville
Server Port : 7600
[lpuser:~]

The data displayed provides a glimpse into the user's environment, giving the following information:

Item Example Notes
User jstettner Unix user name
LeasePak version v76a LeasePak release version
Installed in /opt/nst/v76a top directory of release tree
Environment name prod environment that the user is configured for
Environment type PRODUCTION PRODUCTION environment, TEST environment, or VISITOR environment
Database name lpr_prod the LLDB of the environment
DBMS name Sybase Oracle or Sybase
Database server SEVILLE the database server under which the LLDB is built
Database home /opt/sybase directory where database system software is installed
Designated build live a build id or build id alias
Current linked-in build 7.60.1234 the build that Designated build evaluates to; the actual build that the environment is linked to.
Executable directory is a link to build directory How the LeasePak driver files are linked to the environment; other value is "directory of links to executables"
IP Address or name SEVILLE name or address of the application host. This could also be in web form lpak.myleasingco.com or an IP address such as 92.168.00.117
Server Port 7600 the TCP port number on which LeasePak listens for connection requests

lease /util 108

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

Providing the LeasePak Supervisor with LeasePak Security Record
Use lease /util 108 to add a fully enabled LeasePak Security Record for a user (usually just the <LeasePak Supervisor. Only one user should be set up this way; that user then uses [U0706] Security to set up template users or roles roles, which then can be cloned into individual Security records for individual employees.
lease /util 108 may be run by any LeasePak-enabled user who is a DBMS user (see db_add_user) in the LLDB belonging to the target environment.
It requires that the database server for the db-type designated by setup_new_env be up and running and capable of executing interactive SQL commands; does not require the services of the Queue Manager.
lease /util 108 requires the operator to input his/her client string password plus the Password of the Day before he or she is allowed to create any security records. The Password of the Day may be obtained only by contacting NetSol Help Desk, and will work only on the calendar day on which it was issued or for which it was issued.

lease /util 108 Worksheet

Note the following values for running lease /util 108:

Name Description Your Value Notes
operator's name The operator's login name The operator must have a database system account and must be a user in the LLDB environment
operator's password The operator must provide his client string password the client string password was assigned when the operator's account was created.
Password of the Day allows operator to use lease /util 108 obtain the Password of the Day from the NetSol Help Desk
user-name login name of user must be an existing OS user name, who also is a DBMS user in the appropriate database system (see db_add_login) and who is a user in the LLDB (see db_add_user)of the environment to which the user is assigned (see change_env).
user initials the initials that will represent the user within LeasePak. The initials must be unique within the LLDB as must the user name; the initials are three characters; LeasePak does not enforce any derivation of the initials from the user name; initials are entirely arbitrary as long as they are alphanumeric characters and unique.
user-status a quick checklist; all must be "Yes"   Yes  No
  Yes  No
  Yes  No
 < Yes/No : does user have Unix account?
< Yes/No : does user have DBMS login?
< Yes/No : has user been added to the LLDB?

Running lease /util 108

Terminal emulation: the operator's current shell session must use one of the supported terminal types. Refer to for more information.

Log on the application host as lpsup76a, the LeasePak Supervisor.

Run lease /util 108 as shown below.

[lpsup76a:~]  lease /util 108

The command will produce a display similar to the screen print below. Enter Y when asked about continuing, and then the operator's client string password. 

  [lpsup76a:~] lease /util 108
  This Utility option is an NetSol Technologies Client Services tool used in
  initial client account setup.  WARNING: Improper use of this utility
  will cause severe harm.
  
  Do you wish to continue (Y/N)? Y
  Client Password?  client-string

The command will produce a display similar to the screen print below. Enter the password of the day (obtained from the NetSol Help Desk) when prompted. Then enter the username, in this example, lpsup76a followed by ENTER, when prompted. Finally, enter the user's initials, in this example, sup followed by ENTER, when prompted.

The final ENTER after the user initials causes LeasePak to perform the insertion of the LeasePak Security Record.

lease /util 108 will then prompt for another user name. If the operator simply presses ENTER, the program exits back to the command prompt. 

  Password? password-of-the-day
  
  
  Enter username, <RETURN> to exit: lpsup76a  Enter user initials: sup
  User successfully added.
  
  Enter username, <RETURN> to exit: 
  [lpsup76a:~]

U0706 Security

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update

Providing the LeasePak User with LeasePak Security Record
Use [U0706] Security to add LeasePak security records for all LeasePak non-administrative users.
[U0706] Security may only be run by the LeasePak Supervisor or by regular users authorized by the LeasePak Supervisor. It requires that the database server for the db-type designated by setup_new_env be up and running and capable of executing interactive SQL commands; does not require the services of the Queue Manager.
[U0706] Security is a LeasePak Client update; the operator must have access to a Windows PC with the v76a LeasePak Client properly installed on it, as well as appropriately configured accounts giving access to LeasePak.

About [U0706] Security

This section details a few items from [U0706] Security related to setting up the various types of user accounts. Refer to the LeasePak Reference Guide for the full documentation on [U0706] Security.

Determining the user type

To specify whether an account is a regular, report, or partial update user, select the appropriate LeasePak Account Status value on the Port. Sec. tab of [U0706] Security

Forcing a user password change

In most cases, the administrator will want users to change their passwords the first time they log on the LeasePak client. To force a user password change, select Force Password Change on next login on the Waiver Tol./Password tab of [U0706] Security. After the user logs on the client and changes the password, this box will clear.

Changing other users' passwords

To grant a user the ability to change other users' passwords, the following must be done:

See Maintenance->Passwords.

Top Overview lease /util 112 useradd db_add_login

db_add_user LeasePak Start-up files change_env

whatami lease /util 108 U0706 Security Update