CONTENTS Title Page Copyright Page Preface 1 Introduction 1.1 Who Should Use This Manual? 1.2 System Management Concepts and Terms 2 Starting Up the System 2.1 Starting Up Your System for the First Time 2.2 Booting the System 2.3 Logging In to the New System 2.4 Startup Command Procedure for Your Site (SYSTARTUP_V5.COM) 2.4.1 Mounting Public Disks 2.4.2 Setting Device Characteristics 2.4.3 Printers and Batch Processing: Starting Queues 2.4.4 Installing Known Images 2.4.5 Starting Up the DECnet Network 2.4.6 Running the System Dump Analyzer 2.4.7 Purging the Operator's Log File 2.4.8 Submitting Batch Jobs That Are Run at Startup Time 2.4.9 Defining the Number of Interactive Users 2.4.10 Starting Up the LAT Network 2.4.11 Creating Systemwide Announcements 2.5 Defining a System Login Command Procedure 2.5.1 Sample System Login Command Procedure 2.6 Backing Up the System 2.7 Building and Copying a VMS System Disk 2.8 System Startup Procedures 2.8.1 Startup Command Procedure for the System (STARTUP.COM) 2.8.2 Setting Up Logical Names for Your Site (SYLOGICALS.COM) 2.9 Emergency Startup Procedures 2.9.1 Bypassing the User Authorization File 2.9.2 Emergency Startup After Modifying System Parameters 2.9.3 Bypassing Startup and Login Procedures 2.9.4 Startup Problems 2.10 Shutdown Procedures 2.10.1 Orderly Shutdown 2.10.2 Emergency Shutdown 2.11 Summary 3 Installing Software 3.1 Preparing Your System for VMSINSTAL 3.1.1 Starting the VMSINSTAL Procedure 3.1.1.1 Selecting a Product-List 3.1.1.2 Selecting the Source 3.1.1.3 Selecting Options 3.1.1.4 Selecting the Destination 3.1.1.5 Qualifying the BACKUP Command 3.1.2 When the Installation Is Complete 3.1.3 Choosing VMSINSTAL Options 3.1.3.1 Auto-Answer ( A ) 3.1.3.2 Alternate Working Device (AWD) 3.1.3.3 Get Save Set ( G ) 3.1.3.4 File Log ( L ) 3.1.3.5 Release Notes ( N ) 3.1.3.6 Alternate Root ( R ) 3.1.4 Recovering from a System Failure 3.2 Summary 4 Managing Users 4.1 The User Authorization File (UAF) 4.1.1 System-Supplied UAF Records 4.1.2 General Maintenance of the UAF 4.2 Adding a User Account 4.3 Setting Up an Automatic Login Account 4.4 Modifying a User Account 4.5 Listing User Accounts 4.6 Deleting a User Account 4.7 System Management and MAIL 4.8 Summary 5 Performing Batch and Print Operations 5.1 Generic Queues and Execution Queues 5.2 Autostart Queues 5.3 Creating Queues 5.4 Starting Queues 5.5 Maintaining Batch and Print Queues 5.6 Monitoring Jobs 5.6.1 Deleting a Job 5.6.2 Retaining Jobs in a Queue 5.6.3 Modifying Job Processing Attributes 5.6.3.1 Holding and Releasing a Job 5.6.3.2 Requeuing a Job 5.6.3.3 Changing the Scheduling Priority of a Job 5.7 Summary 6 Setting Up and Maintaining a Network 6.1 Getting Started with Networks 6.2 Joining a Network 6.2.1 Preparing Your VMS System for the Network Environment 6.2.2 Using DECnet-VAX on Your System 6.2.3 Configuring the Network Environment 6.2.3.1 Modifying Default Access for an Existing Network 6.2.3.2 Establishing Asynchronous DECnet Connections to Other Systems 6.2.3.3 Starting the DECnet-VAX Software 6.2.3.4 DECnet-VAX on Workstations Not Connected to a Network 6.2.3.5 Shutting Down and Restarting the Network 6.2.3.6 Using NCP to Create and Tailor the Configuration Database 6.2.3.7 Providing Security for Your DECnet-VAX Node 6.3 Keeping the Network Running 6.3.1 Monitoring the Network 6.3.1.1 Using NCP to Display Information About Network Components 6.3.1.2 Using NCP Counters 6.3.1.3 Using DECnet Event Logging 6.3.2 Common Problems Encountered on the Network 6.3.2.1 Common Error Messages and Meanings 6.3.2.2 Problems Related to Network Operation 6.3.2.3 Asynchronous Connection Problems 6.4 Summary 7 Setting Up a Local Area VAXcluster Environment 7.1 What Is a Cluster? 7.1.1 VAXcluster Types 7.2 Shared Resources 7.3 Preparing a System for a Local Area VAXcluster Environment 7.3.1 Building a VAXcluster Configuration 7.3.1.1 Setting Up the Boot Server 7.3.1.2 Adding Satellite Nodes 7.4 DECnet-VAX Connections 7.5 Clusterwide Tasks Using SYSMAN 7.5.1 Setting a Clusterwide Environment 7.5.2 Executing Commands on a Cluster 7.6 Summary 8 Backing Up and Restoring Files 8.1 Making Backup Copies of Files 8.1.1 Image (Full) and Incremental Backups 8.1.2 Save Sets 8.1.3 Using the BACKUP Command to Save Files 8.1.4 Making Image Backups of a Disk 8.1.5 Making Incremental Backups of a Disk 8.1.6 Using Command Procedures for Backups 8.1.6.1 Command Procedure for Nightly Image Backup 8.1.6.2 Command Procedure for Nightly Incremental Backup 8.1.6.3 Interactive Command Procedure for Backups 8.2 Preparing Your System for Efficient Backups 8.3 Restoring Files from Backup Copies 8.3.1 Restoring All of the Files on a Disk 8.3.1.1 Restoring Files from an Image Backup 8.3.1.2 Restoring Files from an Incremental Backup 8.3.2 Restoring an Individual Directory Structure 8.3.3 Restoring an Individual File 8.3.4 Listing the Contents of a Save Set 8.4 Standalone Backup 8.5 Obtaining Information About BACKUP Operations 8.6 Backup and Magnetic Tape 8.6.1 Automatic Tape Unloading 8.6.2 Tape Label Processing 8.6.3 Assigning Volume Labels to Magnetic Tapes 8.7 Summary 9 Maintaining Acceptable System Performance 9.1 Knowing Your Work Load 9.1.1 Using the Monitor Utility (MONITOR) 9.1.2 Using the Accounting Utility (ACCOUNTING) 9.1.3 Managing Work Load 9.1.4 Distributing Work Load 9.1.5 Installing Known Images 9.1.6 Tuning a System 9.1.7 Predicting When Tuning Is Required 9.1.8 Evaluating Tuning Success 9.1.9 Performance Options 9.2 Summary 10 Operator Tasks 10.1 Performing Backups 10.2 Maintaining System Log Files 10.2.1 The System Dump File 10.2.2 The Error Log File 10.2.3 The Operator Log File 10.2.3.1 Types of OPCOM Messages 10.2.3.2 Maintaining the Operator Log File 10.2.3.3 Printing the Operator Log File 10.2.3.4 Restarting OPCOM 10.2.4 The Accounting Log File 10.2.4.1 Accounting Records 10.2.4.2 Accounting Report Formats 10.3 Summary 11 System Security Issues 11.1 Types of Computer Security Problems 11.1.1 User Irresponsibility 11.1.2 User Probing 11.1.3 User Penetration 11.2 Levels of Security Requirements 11.3 The Secure System Environment 11.4 Managing Passwords 11.4.1 Initial Passwords 11.4.2 System Passwords 11.4.3 Primary and Secondary Passwords 11.4.4 Enforcing Minimum Password Standards 11.4.5 Requiring the Password Generator 11.4.6 Protecting Passwords 11.5 Controlling Break-In Detection 11.5.1 Controlling the Number of Retries on Dialups 11.5.2 Controlling Break-In Detection and Evasion 11.5.3 Displaying the Break-In Database 11.6 Protecting Files and Directories with ACLs 11.6.1 Creating and Maintaining ACLs 11.6.2 Identifiers 11.6.3 Access Control List Entries 11.6.4 Summary of ACLs 11.7 Creating a Project Account 11.8 Security Auditing 11.8.1 Enabling Classes of Security Alarms 11.8.2 Enabling Alarm Messages 11.9 The Audit Analysis Utility-A Security Auditing Tool 11.10 ANALYZE/AUDIT Command Line Format 11.11 ANALYZE/AUDIT Output 11.12 Using ANALYZE/AUDIT 11.12.1 Recognizing Common System Events 11.12.2 Performing a Periodic Audit Analysis 11.12.3 Performing a Detailed Analysis of a Security Audit Log File 11.12.4 Using Interactive Mode Commands 11.13 Summary ACCOUNTING UTILITY ACCOUNTING QUALIFIERS /ACCOUNT /ADDRESS /BEFORE /BINARY /BRIEF /ENTRY /FULL /IDENT /IMAGE /JOB /LOG /NODE /OUTPUT /OWNER /PRIORITY /PROCESS /QUEUE /REJECTED /REMOTE_ID /REPORT /SINCE /SORT /STATUS /SUMMARY /TERMINAL /TITLE /TYPE /UIC /USER AUDIT ANALYSIS UTILITY ANALYZE/AUDIT QUALIFIERS /BEFORE /BINARY /BRIEF /EVENT_TYPE /FULL /IGNORE /INTERACTIVE /OUTPUT /PAUSE /SELECT /SINCE /SUMMARY ANALYZE/AUDIT INTERACTIVE MODE COMMANDS CONTINUE DISPLAY EXIT HELP LIST NEXT FILE NEXT RECORD POSITION SHOW ANALYZE/DISK_STRUCTURE UTILITY ANALYZE/DISK_STRUCTURE QUALIFIERS /[NO]CONFIRM /[NO]LIST[=filespec] /[NO]READ_CHECK /[NO]REPAIR /USAGE[=filespec] AUTHORIZE UTILITY AUTHORIZE COMMANDS ADD ADD/IDENTIFIER ADD/PROXY COPY CREATE/PROXY CREATE/RIGHTS DEFAULT EXIT GRANT/IDENTIFIER HELP LIST LIST/IDENTIFIER LIST/PROXY LIST/RIGHTS MODIFY MODIFY/IDENTIFIER MODIFY/PROXY MODIFY/SYSTEM_PASSWORD REMOVE REMOVE/IDENTIFIER REMOVE/PROXY RENAME RENAME/IDENTIFIER REVOKE/IDENTIFIER SHOW SHOW/IDENTIFIER SHOW/PROXY SHOW/RIGHTS BACKUP UTILITY BACKUP QUALIFIERS /ASSIST /BACKUP /BEFORE /BLOCK_SIZE /BRIEF /BUFFER_COUNT /BY_OWNER /BY_OWNER /BY_OWNER /COMMENT /COMPARE /CONFIRM /CRC /CRC /CREATED /DELETE /DENSITY /EXCLUDE /EXPIRED /FAST /FULL /GROUP_SIZE /IGNORE=option /IMAGE /INCREMENTAL /INITIALIZE /INTERCHANGE /JOURNAL /LABEL /LIST /LOG /MEDIA_FORMAT=[NO]COMPACTION /MODIFIED /NEW_VERSION /OVERLAY /OWNER_UIC /OWNER_UIC /OWNER_UIC /PHYSICAL /PROTECTION /RECORD /RELEASE_TAPE /REPLACE /REWIND /REWIND /SAVE_SET /SAVE_SET /SELECT /SINCE /TAPE_EXPIRATION /TRUNCATE /VERIFY /VOLUME BAD BLOCK LOCATOR UTILITY BAD BLOCK LOCATOR QUALIFIERS /BAD_BLOCKS /EXERCISE /LOG /OUTPUT /RETRY /SHOW ERROR LOG UTILITY ERROR LOG QUALIFIERS /BEFORE /BINARY /BRIEF /ENTRY /EXCLUDE /FULL /INCLUDE /LOG /NODE /OUTPUT /REGISTER_DUMP /REJECTED /SID_REGISTER /SINCE /STATISTICS /SUMMARY EXCHANGE UTILITY EXCHANGE COMMANDS COPY DELETE DIRECTORY DISMOUNT EXIT HELP INITIALIZE MOUNT RENAME SHOW TYPE INSTALL UTILITY INSTALL COMMANDS ADD CREATE DELETE EXIT HELP LIST PURGE REMOVE REPLACE LAT CONTROL PROGRAM UTILITY LATCP COMMANDS ATTACH CREATE LINK CREATE PORT CREATE SERVICE DEFINE/KEY DELETE LINK DELETE PORT DELETE SERVICE EXIT HELP RECALL REFRESH SET LINK SET NODE SET PORT SET SERVICE SHOW LINK SHOW NODE SHOW PORT SHOW SERVICE SPAWN ZERO COUNTERS MOUNT UTILITY MOUNT QUALIFIERS /ACCESSED /ASSIST /AUTOMATIC /BIND /BLOCKSIZE /CACHE /CLUSTER /COMMENT /CONFIRM /COPY /DATA_CHECK /DENSITY /EXTENSION /FOREIGN /GROUP /HDR3 /INCLUDE /INITIALIZE=CONTINUATION /LABEL /MEDIA_FORMAT=[NO]COMPACTION /MESSAGE /MOUNT_VERIFICATION /MULTI_VOLUME /OVERRIDE /OWNER_UIC /PROCESSOR /PROTECTION /QUOTA /REBUILD /RECORDSIZE=n /SHADOW /SHARE /SYSTEM /UNLOAD /WINDOWS /WRITE NCP UTILITY NCP COMMANDS COPY KNOWN NODES SET/DEFINE CIRCUIT SET/DEFINE EXECUTOR SET/DEFINE LINE SET/DEFINE NODE SET/DEFINE OBJECT SHOW/LIST CIRCUIT SHOW/LIST EXECUTOR SHOW/LIST LINE SHOW/LIST NODE SHOW/LIST OBJECT SYSTEM GENERATION UTILITY SYSGEN COMMANDS AUTOCONFIGURE CONFIGURE CONNECT/ADAPTER=adapter-spec CONNECT/NOADAPTER CONNECT CONSOLE CREATE DEINSTALL DISABLE CHECKS ENABLE CHECKS EXIT HELP INSTALL LOAD MSCP RELOAD SET/OUTPUT SET parameter-name SET/STARTUP SHARE SHARE/INITIALIZE SHOW/ADAPTER SHOW/CONFIGURATION SHOW/DEVICE=device-driver SHOW/DRIVER=device-driver SHOW [parameter] SHOW/STARTUP SHOW/UNIBUS TERMINAL/ECHO USE WRITE SUPPLEMENTAL SYSGEN INFORMATION SYSMAN UTILITY SYSMAN COMMANDS @ (Execute Procedure) ALF ADD ALF REMOVE ALF SHOW ATTACH CONFIGURATION SET CLUSTER_AUTHORIZATION CONFIGURATION SET TIME CONFIGURATION SHOW CLUSTER_AUTHORIZATION CONFIGURATION SHOW TIME DEFINE DISKQUOTA ADD DISKQUOTA CREATE DISKQUOTA DELETE DISKQUOTA DISABLE DISKQUOTA ENABLE DISKQUOTA MODIFY DISKQUOTA REBUILD DISKQUOTA REMOVE DISKQUOTA SHOW DO EXIT HELP LICENSE LOAD LICENSE UNLOAD PARAMETERS DISABLE CHECKS PARAMETERS ENABLE CHECKS PARAMETERS SET PARAMETERS SHOW PARAMETERS USE PARAMETERS WRITE SET ENVIRONMENT SET PROFILE SET TIMEOUT SHOW ENVIRONMENT SHOW KEY SHOW PROFILE SHOW TIMEOUT SPAWN STARTUP ADD STARTUP DISABLE STARTUP ENABLE STARTUP MODIFY STARTUP REMOVE STARTUP SET DATABASE STARTUP SHOW SYS_LOADABLE ADD SYS_LOADABLE REMOVE TERMINAL FALLBACK UTILITY TFU COMMANDS DIRECTORY EXIT HELP LOAD TABLE QUIT SET DEFAULT_TABLE SET LIBRARY SET TERMINAL/FALLBACK SHOW DEFAULT_TABLE SHOW LIBRARY SHOW STATISTICS SHOW TABLES SHOW TERMINAL /FALLBACK UNLOAD TABLE EXAMPLES 2-1 Orderly System Shutdown with SHUTDOWN.COM 2-2 Emergency Shutdown Using OPCCRASH 4-1 Sample UAF Record Display 4-2 Command Procedure Template for Deleting an Account's Files 6-1 Sample NETCONFIG.COM Dialogue 10-1 Sample Operator Log File (SYS$MANAGER:OPERATOR.LOG) 11-1 Sample Brief Listing 11-2 Sample Full Listing 11-3 Sample Summary Output 11-4 Spotting Suspicious Activity in the Audit Report 11-5 An Example of a Full Format Audit Report 11-6 Entering Interactive Command Mode FIGURES 6-1 DECnet-VAX Software Design as Based on DNA Layers TABLES 4-1 MAIL User Profile Record 5-1 Queue Management Commands 6-1 DECnet Event Classes 7-1 Installation Questions for Local Area VAXcluster Configurations 8-1 Recommended Process Quotas for Efficient Backups 8-2 Sample Process Quotas for Efficient Backups 11-1 Event Tolerance as a Measure of Security Requirements 11-2 System Files Benefiting from ACL-Based File Access Auditing LAT-1 Counters Common to CSMA/CD and FDDI Links LAT-2 Receive Errors Common to CSMA/CD and FDDI Links LAT-3 Transmit Errors Common to CSMA/CD and FDDI Links LAT-4 CSMA/CD Counters LAT-5 FDDI Counters LAT-6 LAT Node Counters NCP-1 Object Type Codes SGN-1 Device Type Codes SGN-2 SYSGEN Device Table SM-1 Key Names in SYSMAN