The Question is:
Is it possible in VMS to restrict the login of a user account to specific
Background: the [company] has defined workareas. All workers of one workarea
uses the same vms-account. If one worker change the workarea and therefore
works in a different location he should no longer be able to login with his
old account. A workarea
has about 700 workers in 3 shift operation and it is impossible to work with
Thank you in anticipation
The Answer is :
Inferring details left unstated in the question, it appears there
is a belief that an accountability and/or security problem exists.
The OpenVMS Wizard would strongly encourage the use of individually
assigned usernames and unique UICs, as this provides for better
security and better accountability. Many OpenVMS sites operate with
numbers of entries in SYSUAF well into the tens of thousands, using
DCL procedures for basic user maintenance tasks.
Other approaches -- lacking individual accountability -- involve using
the automatic login facility (SYSALF), or the use of DCL within the
SYLOGIN that performs the necessary verification of the login source.
Some of the options include:
The SYS$REM* logical names
An OpenVMS security identifier
Alternatively, you could customize LOGINOUT to perform the processing
of the login source directly, via the available LGI callouts mechanism.
Since the current configuration presently provides no user-specific
security, the use of a null password and the automatic login facility
(SYSALF) would be entirely appropriate. Based solely on the source of
the login, the user is automatically entered into the correct username.
More complex options include approaches that do not involve logging
into the system -- the user interface is always available to the
client via web, GUI, or other approach at all times, and the user
does not particularly need to connect to the system. Whether the
application performs its own verification and/or authentication is
another discussion, and one based on local security requirements.