% Librarian I01-294ȧȧ>? 5}$ADD&8DELETE'EXIT'`EXPORT  File_Info MessagesOverview Running_EXPORT;vSHOW `Wȧ 1 OverviewJThe DCE EXPORT utility allows you to create an OpenVMS authorization file from an existing DCE registry. CThe DCE registry entries (or a subset of the registry entries) are Gconverted into records in the OpenVMS SYSUAF file and rights database. DConversions are essentially a reversal of those made with the IMPORT function. EPasswords cannot be exported. Instead, the automatic synchronization Mfeature that occurs during integrated login is used to exp ort user passwords.CThe DCE EXPORT utility also creates and maintains an exclude list. <The exclude list contains the DCE names of users who do not Bhave, and do not require, an OpenVMS account. This feature allows =DCE EXPORT to skip over these users during EXPORT operations. NOTE:H The DCE EXPORT utility described in this section cannot be satisfied F by the export function shipped with OSF DCE because of substantial ; differences between OpenVMS and UNIX user registry data .ww`Wȧ 1 File_InfoAThe DCE EXPORT utility is shipped as an OpenVMS executable image Enamed DCE$EXPORT.EXE. The image resides in the SYS$SYSTEM directory. JThe DCE EXPORT exclude file is named by default DCE$EXPORT_EXCLUDE.DAT andCalso resides in SYS$SYSTEM. You can change the name or location, orEboth, of this file by defining the logical name DCE$EXPORT_EXCLUDE to(point to the new filename and location. ww`Wȧ1 Running_EXPORTHThe DCE  EXPORT utility allows system administrators to create an OpenVMS2authorization file from an existing DCE registry. ?Integrated Login provides two methods of running the DCE EXPORTutility, as follows.@o By invoking the DCE EXPORT utility using a predefined symbol. $ EXPORT EXPORT> NYou can also specify a single DCE EXPORT command on the command line. Control -returns to DCL after the command is executed. $ EXPORT command $DSYS$COMMON:[SYSMGR]DCE$DEFINE_REQUIRED _COMMANDS.COM defines the DCE Gsymbol EXPORT, which is used to invoke the DCE EXPORT utility. If this Esymbol is not defined in your environment, you can define the symbol as follows:& $ EXPORT :== $SYS$SYSTEM:DCE$EXPORTo By issuing the RUN command.  $ RUN SYS$SYSTEM:DCE$EXPORT EXPORT> 5See the Digital DCE for OpenVMS VAX and OpenVMS AlphaBReference Guide for detailed descriptions of the EXPORT commands. ww`Wȧ 1 Messages2 EXP_ACCEXISTS  .OpenVMS account for already exists Explanation: : Could not export because it has already been exported. User Action:  None.2 EXP_ADDDCEACC 5account for successfully added to OpenVMS Explanation: < An OpenVMS acount was successfully created for . User Action: = Note directly preceding and following messages for warnings.2 EXP_ADDDCEUAF 3principal successfully added to DCE$UAF Explanation: > Principal successfully added to the DCE$UAF file D as part of the EXPORT operation. Message displayed only if /INFORM) is specified on the EXPORT command line. User Action: None.2 EXP_ADDUAF 6principal successfully exported to OpenVMS Explanation:5 An OpenVMS account for successfully created for DCE . User Action:= Note directly preceding and following messages for warnings.2 EXP_BINDERR &error binding to D&CE security registry Explanation: + Cannot connect to the DCE security server.  User Action: 2 Note accompanying error message for more details.2 EXP_CREDCEUAF created new DCE$UAF file Explanation: A new DCE$UAF file was created. User Action:  None.2 EXP_DCEERR  Explanation: Accompanying DCE error message. User Action: < Use this message to solve the problem generating the error.2 EXP_DCELOGIN error in DCE login Explanation:  Could not perform a DCE login. User Action: 4 Enter valid DCE principal and password combination.2 EXP_DCEUAFERRerror searching DCE$UAF Explanation: ) Error searching or reading DCE$UAF file. User Action: 2 Note accompanying error message for more details.2 EXP_DELDCEUAF7principal successfully deleted from DCE$UAF Explanation:C Principal successfully deleted from DCE$UAF as part of> larger delete operation. Message is displayed only if /INFORM) is specified on the EXPORT command line. User Action: None.2 EXP_DISUSER  remains DISUSER-ed Explanation: < OpenVMS account for was successfully created but could not enable the account. User Action: > Manually remove the DISUSER flag using the AUTHORIZE utility.2 EXP_ERRACCEXC 'error accessing DCE EXPORT exclude file Explanation: * Could not access DCE EXPORT exclude file. User Action: 2 Note accompanying error message for more details.2 EXP_ERRADDEXC 1error adding principal to DCE EXPORT exclude file Explanation: 4 Could not add principal to DCE EXPORT exclude file. User Action: 2 Note accompanying error message for more details.2 EXP_ERRADDUAF&error adding principal to DCE$UAF file  Explanation: . Could not add principal name to DCE$UAF file. User Action: 2 Note accompanying error message for more details.2 EXP_ERRCRACC -error creating OpenVMS account for  Explanation: 4 Could not create an OpenVMS account for . User Action: 1 See accompanying error message for more details.2 EXP_ERRCRDCEUAF %error creating DCE authorization file Explanation: 9 An error occurred while attempting to create the DCE$UAF file. User Action: & See accompanying message for details.2 EXP_ERRCREUAF Ferror creating OpenVMS account for - see following messages  Explanation: 5 Could not create the OpenVMS account for . User Action: 3 Note accompanying error messages for more details.2 EXP_ERRDCEUAF &error accessing DCE authorization file Explanation: 2 An error occurred while attempting to access the  DCE$UAF file. User Action: & See accompanying message for details.; 2 EXP_ERRDELEXC 5error deleting principal from DCE EXPORT exclude file Explanation: 9 Could not delete principal from DCE EXPORT exclude file. User Action: 2 Note accompanying error message for more details.2 EXP_ERRDELUAF *error deleting principal from DCE$UAF file Explanation: . Could not delete principal from DCE$UAF file.  User Action: 2 Note accompanying error message for more details.2 EXP_ERRENAUSR error enabling user  Explanation: 9 Could not remove DISUSER flag from 's account. User Action: 6 Manually remove the flag using the AUTHORIZE utility.2 EXP_ERRQUOTA Jerror assigning disk quota to username - see following messages Explanation: 2 Error(s) occurred while attempting to set up disk quota for  User Action: * Note the messages following this message.2 EXP_ERRSETPW %error setting password for  Explanation: / Could not set password for OpenVMS . User Action: 3 Manually set password using the AUTHORIZE utility.2 EXP_ERRSPAWN error spawning subprocess Explanation: 2 Error spawning subprocess with the SPAWN command. User Action: ? Check user runtime configuration. Refer to appropriate OpenVMS documentation for more details.2 EXP_ERRSYSUAF error accessing SYSUAF file Explanation: " Could not access the SYSUAF file. User Action: 2 Note accompanying error message for more details.2 EXP_ERRUAFGET  error getting SYSUAF information Explanation: 0 Error accessing information in the SYSUAF file. User Action: 6 Note accompanying error message for more information.2 EXP_EXCADD 6principal added to DCE EXPORT exclude list Explanation:< Principal successfully added to the DCE EXPORT  exclude list. User Action: None.2 EXP_EXCDEL :principal removed from DCE EXPORT exclude list Explanation:5 Principal successfully deleted from the  DCE EXPORT exclude list. User Action: None.2 EXP_EXCLUDED 4principal has been excluded from OpenVMS Explanation: = Unable to export because it is on the DCE EXPORT< exclude list. This message is displayed only if /INFORM is & specified on the EXPORT command line. User Action: B If incorrectly excluded, use DELETE/EXCLUDE to remove it from the& DCE EXPORT exclude list and reexport.2 EXP_GRPUICFULL *no member UIC available in specified group Explanation: 2 No more members available in the specified group. User Action: # Use another group UIC if possible.2 EXP_INDCEUAF (principal already in DCE$UAF Explanation: : Could not add already existing principal name to DCE$UAF. User Action:  None.2 EXP_INEXCLUDE 8principal already in DCE EXPORT exclude file Explanation: > An attempt was made to add an already existing princi*pal name to the DCE EXPORT exclude file. User Action:  None.2 EXP_INITERROR initialization error Explanation: 2 Error during initialization phase for DCE EXPORT. User Action: 2 Note accompanying error message for more details.2 EXP_INITWAIT initializing..... Explanation: $ DCE EXPORT in initialization phase. User Action:  None.2 EXP_INPREQ input required! Explanation: # Input not entered where mandatory. User Action:   Provide input.2 EXP_INTERROR internal error Explanation:  Internal error in DCE EXPORT. User Action: > Note accompanying error message for more details or submit a Quality Assurance Report (QAR).2 EXP_INTINPDEV #internal error opening input device Explanation:  Error accessing SYS$INPUT. User Action: ? Check user runtime configuration. Refer to appropriate OpenVMS$ documentation for more information.2 EXP_INVGRPUIC invalid group UIC Explanation: 8 Group UIC entered is invalid (format if value, name if identifier). User Action:  Enter valid group UIC.2 EXP_INVMEMUIC invalid member UIC Explanation: 9 Member UIC entered is out of range or of invalid format. User Action:  Enter valid member UIC. 2 EXP_INVMS 1principal already exported to OpenVMS Explanation:  < A record for already exists in the DCE$UAF file. indicating that is has already been exported. User Action:  None.2 EXP_INVPASSWD (password validation failed. Please retry Explanation: < Password validation failed while entering password for the  OpenVMS account to be created. User Action:  Enter valid password.2 EXP_INVPWDLENBpassword length must be between and characters Explanation:8 The user specified password for the OpenVMS account is outside of the defined range. User Action:> Specify a password of length between and .2 EXP_NAMEINUSE COpenVMS username already mapped to another DCE principal Explanation: > OpenVMS username specified is already associated with another# DCE principal in the DCE$UAF file. User Action: @ Specify a username that is not associated with a DCE principal.A Use the DCE$UAF utility to search the DCE$UAF file for usernames$ and associated DCE principal names.2 EXP_NODCEUAF%unable to open DCE authorization fil# e Explanation: - Error occurred while attempting to open the  DCE$UAF file. User Action: & See accompanying message for details.2 EXP_NOEXCUSR no excluded users Explanation: ; No principal names listed in the DCE EXPORT exclude file.  User Action:  None.2 EXP_NOSCHUSR (no principal in DCE registry Explanation: B Principal requested for export does not exist in the  DCE registry. User Action: @ Use valid! DCE principal name. Use the DCE tool RGY_EDIT to view DCE principal names.2 EXP_NOSUCHEXC ,no such principal in DCE EXPORT exclude file Explanation: ? Requested principal does not exist in DCE EXPORT exclude file. User Action: ; Use the SHOW/EXCLUDE command to list names in the exclude  file.2 EXP_NOSUCHPR no DCE account  Explanation: ; An attempt was made to export a nonexistent DCE principal. User Action: > Specify a valid DCE princip"al name. Use the DCE tool RGY_EDIT to view the DCE principals.2 EXP_NOTINEXC 4principal not in DCE EXPORT exclude file Explanation: : An attempt was made to access a nonexistent record in the DCE EXPORT file. User Action:: Use SHOW/EXCLUDE to see the contents of the exclude file.2 EXP_NOVMSUSR no OpenVMS user  Explanation: < A nonexistent OpenVMS username was specified with the /LIKE qualifier. User Action:  " Specify a valid# OpenVMS username.2 EXP_NXTMEMUIC 'error finding next available member UIC Explanation: : Could not find the next available member UIC in the group specified. User Action: 6 Note the accompanying error message for more details.2 EXP_OUTOPNERR error opening alternate output Explanation: = Could not access file name specified with /OUTPUT qualifier. User Action: 2 Note accompanying error message for more details.2 EXP_SEEFILE 'see file for error messages Explanation: . Error(s) occurred while creating the OpenVMS 4 account but EXPORT was unable to display the error ; messages. The user is asked to read the file  for the error messages. User Action: . Read the file for error messages.2 EXP_TIMERR DCE time configuration error Explanation: 3 Time configuration is incorrect on the DCE system. User Action: 4 Refer to the Troubleshooting chapter in the Dig!%ital5 DCE for OpenVMS VAX and OpenVMS Alpha Product Guide.2 EXP_TOOLONGinput for too long Explanation: < Value of is longer than expected maximum size of value. User Action: 3 Enter a value that is within the valid size range.2 EXP_USERERR  error getting input from user Explanation:  User entered invalid input. User Action:  Enter valid input.wwȧ1 ADD;Adds DCE principal names. The ADD command& can only be usedwith the following qualifier:G o ADD/EXCLUDE Adds a DCE principal name to the EXPORT exclude, list (see /EXCLUDE). 2 /EXCLUDE5Adds a DCE principal name to the EXPORT exclude list. Format: ADD/EXCLUDE PRINCIPAL 3 Parameters principal= Specifies the DCE principal name to be added to the EXPORT exclude list.7 If the principal name contains lowercase characters,: spaces, or other special characters', enclose the entire string in quotes.wwȧ 1 DELETEADeletes DCE principal names. The DELETE command can only be usedwith the following qualifier:E o DELETE/EXCLUDE Deletes a DCE principal name from the EXPORT 4 exclude list (see /EXCLUDE). 2 /EXCLUDE:Deletes a DCE principal name from the EXPORT exclude list. Format: DELETE/EXCLUDE PRINCIPAL 3 Parameters principal: Specifies the DCE principal nam(e to be deleted from the EXPORT exclude list.7 If the principal name contains lowercase characters,: spaces, or other special characters, enclose the entire string is quotes.wwAȧ1 EXIT5Exits the EXPORT utility. You can also exit EXPORT bypressing the Ctrl/Z key. Format: EXITwwAȧ 1 EXPORT6The EXPORT command is used to create OpenVMS accounts :in the OpenVMS system authorization file (SYSUAF) based on&existing a)ccounts in the DCE registry. Format: EXPORT DCE-ACCOUNT-NAME& Qualifiers Defaults' /[NO]ADD_IDENTIFIERS /ADD_IDENTIFIERS /[NO]CONFIRM ( /DCE_LOGIN=(keyword=value[,...])( /[NO]EXCLUDE /NOEXCLUDE% /[NO]INFORM /INFORM* /[NO]INTERACTIVE /INTERACTIVE1 /OUTPUT[=output] /OUTPUT=SYS$OUTPUT:& /[NO]RECAP /NORECAP* /[NO]TEST_ONLY /NOTEST_ONLY# */[NO]WILD /WILD& Data Qualifiers Defaults5 /[NO]ACCOUNT=account /ACCOUNT=dce-group-name6 /DEVICE=device Taken from /LIKE account5 /DIRECTORY=directory /DIRECTORY=vms-username /GROUP_UIC=group_uic + /LIKE=vms-account /LIKE=DEFAULT> /MEMBER_UIC=member_uic Next available within UIC group7 /[NO]OWNER=owner /OWNER=dce-principal-name" /PASSWORD=passwd None) /[NO]QUOTA=n + /QUOTA=1000: /USERNAME=username /USERNAME=dce-principal-name 2 Parametersdce-account-name6 Specifies the name of the DCE account that is to be7 exported. If the DCE account name contains lowercase7 characters, spaces or other special characters then  enclose the name in quotes.; If an asterisk is specified in place of the dce-account-9 name then all accounts from the registry are selected. 2 Qualifiers/CONFIRM /CONFIRM /NOCONFI,RM< Controls whether the EXPORT command asks for confirmation' before creating the OpenVMS account.A In interactive mode the default is /CONFIRM. In noninteractive" mode the default is /NOCONFIRM. /DCE_LOGIN=(keyword=value[,...])& /DCE_LOGIN=(keyword=value[,...])C Provides DCE account details for accounts that are authorized toE read pricipals and accounts from the DCE registry. Valid keywords . for the DCE_LOGIN qualifier are as follows: Keyword -DescriptionI PRINCIPAL The principal name to be used for authentication ) purposes when reading accounts and/or $ principals from the DCE registry.D If you do not specify a principal with this 4 qualifier you are prompted for one interactively.C PASSWORD The password associated with the principal 4 name that was specified by the PRINCIPAL keyword.C If you do not specify a password with this 4 quali .fier you are prompted for one interactively.E If you do not specify a principal or password with this qualifier,H you are prompted for them interactively, regardless of whether or not9 you are running in interactive mode. This informationF need be entered only once per session, on the first EXPORT command.I Subsequent EXPORT commands within the same session do not require that# you to reenter this information.E If you are an interactive user and you do not specify the P/ASSWORDD keyword, EXPORT prompts you for your password. The advantage in K this is the password is not echoed and therefore does not appear on your terminal. /EXCLUDE /EXCLUDE /NOEXCLUDE (default)= Determines whether the DCE account is exported to OpenVMS.B If the DCE account is not exported, the OpenVMS account is not E created and an entry is created in the EXPORT exclude file for the specified DCE account. /INFORM /INFORM (defau0lt) /NOINFORM <Determines whether the user is informed of DCE accounts thatAwould have been selected for export, but are not selected. (The Ereasons that accounts are not selected for export are that they have Galready been exported (for example, they have an entry in the DCE$UAF) /or that they exist in the EXPORT exclude file.)/INTERACTIVE (default) /INTERACTIVE (default) /NOINTERACTIVE> Controls whether an interactive or noninteractive export is per 1formed. E In interactive mode, a series of questions is asked and the user'sI responses are used to determine the account details. This mode is well suited to interactive users. M In noninteractive mode, all input is supplied through the data qualifiers,H and any missing or conflicting data causes the OpenVMS account to notB be created. This mode is well suited to command files and batch jobs. @ Data qualifiers can be specified in interactive mode. In thisG case 2the data they provide is used to provide the default answers to: the relevant questions. All questions are still asked. /OUTPUT[=output] /OUTPUT[=output]6 Defines where all program output should be written. The default is SYS$OUTPUT:./RECAP /RECAP /NORECAP (default)F If /RECAP is specified details of the OpenVMS account are displayedE before it is actually created. When /CONFIRM is also specified theD account details are displayed immediately3 before the confirmation request. /TEST_ONLY /TEST_ONLY /NOTEST_ONLY (default)I If /TEST_ONLY is specified, OpenVMS accounts, identifiers, and DCE$UAFC entries are not created. All other functions operate normally. /WILD  /WILD (default) /NOWILDH Specifies whether or not standard VMS wildcarding is to be applied toH dce-account-name. The default is /WILD which means a dce-account-nameG of "SM*" is interpreted as meaning "export any ac4count starting SM".C If /NOWILD is specified the dce-account-name "SM*" is exported. 2 Data_Qualifiers/ACCOUNT=account /ACCOUNT=account (default) [NO]ACCOUNTA Specifies the account string for the OpenVMS account (same as I /ACCOUNT in AUTHORIZE). The account is a string of 1 to 8 alphanumeric characters. D If this qualifier is not specified, the DCE account's group name 4 is used (truncated to 8 characters if necessary).; If no account fie5ld is required then specify /NOACCOUNT./DEVICE=device /DEVICE=device6 Specifies the name of the OpenVMS account's default: device at login. The device-name is a string of 1 to 31: alphanumeric characters. If you omit the colon from the8 device-name value, a colon is automatically appended.7 The default device is copy the device field from the, account specified by the /LIKE qualifier./DIRECTORY=directory /DIRECTORY=directoryF Specifies the default6 directory name for the DIRECTORY field of theH OpenVMS SYSUAF record. The directory name can be 1 to 63 alphanumericD characters. If you do not enclose the directory name in brackets,% EXPORT adds the brackets for you. I The default directory name is [username] where username is the OpenVMS account's username. /GROUP_UIC=group_uic /GROUP_UIC=group_uic6 Specifies the group part of the UIC for the OpenVMS2 account. GROUP_UIC can be specified as an octal: gro 7up UIC code or as an existing group UIC identifier. 6 If specified as an octal number, it must be in the  range 1 to 37776 (octal).8 The default is to take the OpenVMS account's ACCOUNT @ field, convert it to uppercase, and interpret this as a group< UIC identifier. If such an identifier does not exist then; a similar translation is attempted for the DCE account's7 group name. If neither identifiers exist, the group < UIC is derived from the OpenVMS account specified by th8e  /LIKE qualifier./LIKE=vms-account /LIKE=vms-account; Specifies an existing OpenVMS account that is to be used6 as the basis for the OpenVMS account that is being C created. Any fields not specified on the EXPORT command line, as; well as all quotas, privileges, etc, are inherited from  the /LIKE account.2 The default is DEFAULT (as it is in AUTHORIZE). /MEMBER_UIC=member_uic /MEMBER_UIC=member_uic7 Specifies the member part of the 9UIC for the OpenVMS7 account. MEMBER_UIC should be specified as an octal / number within the range 0 to 177776 (octal).8 The default is to use the first available member UIC C within the group UIC (as specified by /GROUP_UIC). For example, > if the selected group is 150 and that group has members 1, 9 2, 5 and 6 already defined, then the new uic would be [150,3]./OWNER=owner (default) /OWNER=owner (default) /NOOWNER; Specifies the owner string fo:r the OpenVMS account (same< as /OWNER in AUTHORIZE). The owner is a string of 1 to 31 characters.C If this qualifier is not specified, the DCE account's principal : name is used (truncated to 31 characters if necessary).4 If no owner field is required, specify /NOOWNER. /PASSWORD=passwd /PASSWORD=passwd< Specifies the password for the OpenVMS account. Passwords2 contain from 0 to 32 characters and can include: alphanumeric characters, dollar signs, and un;derscores.$ Passwords are not case-sensitive.3 If you do not specify a password, the account is, created without a valid OpenVMS password. /QUOTA=quota  /QUOTA=quota (default) /NOQUOTA7 Specifies the disk quota for the device specified by9 /DEVICE to be given to the OpenVMS account (if quotas  are enabled on that volume).8 The default is 1000 blocks. If quotas are not enabled8 on the device specified by /DEVICE, or if /NOQUOTA is% specified, th<en no quota is given./USERNAME=username /USERNAME=username6 Specifies the username for the OpenVMS account. The: username is a string of 1 to 12 alphanumeric characters and can contain underscores.G If this qualifier is not specified, the DCE account's principal name7 is used (truncated to 12 characters and uppercased).wwȧ1 SHOW?Displays DCE principal names. The SHOW command can only be usedwith the following qualifier:C o =SHOW/EXCLUDE Displays DCE principal names in the EXPORT  exclude list (see /EXCLUDE). 2 /EXCLUDE8Displays DCE principal names in the EXPORT exclude list. Format: SHOW/EXCLUDE [PRINCIPAL]& Qualifiers Defaults /ALL1 /OUTPUT=output /OUTPUT=SYS$OUTPUT: 3 Parameters principal: Specifies the name of the DCE principal to be displayed: from the EXPORT exclude list. Full OpenVMS wildcarding  is allowed.7 I>f the principal name contains lowercase characters,: spaces, or other special characters, enclose the entire string is quotes.C If /ALL is on the command line, do not specify a principal name. 3 Qualifiers/ALL /ALL6 Specifies that all EXPORT exclude entries are to be; displayed. If you do not specify principal, then /ALL is assumed./OUTPUT=output /OUTPUT=output* Determines where the output is written. The default is SYS$OUTPUT:.ww