  *                                    PROFILE  	 Abstract: 	 ---------   I PROFILE is a FORTRAN utility which adds new accounts or modifies existing G accounts by using a screen-oriented interface that allows changes to be H made by moving the cursor to the desired field and entering the changes.H Four different screens can be displayed: main user profile, login flags,G primary and secondary days, access restrictions, and privileges. Cursor I movement is accomplished by using the arrow keys or the Unix 'hjkl' keys. K Fields can be changed in the main user profile screen by typing the "Insert K Here" or "Enter" keys to toggle edit mode. After the text has been entered, H Carriage Return or any of the arrow keys will terminate the input. LoginG flags, Primary days, and Privileges can be changed with the "Select" or K keypad "Period" keys. Normal or full privileges can be enabled with the "N" I or "A" keys. Access modes can be changed by: hitting "-" or "Remove" keys G to deny total access to an access type; hitting "+" or "Insert Here" to I allow total access to an access type; hitting "Select" or keypad "Period" K keys to selectively allow or deny access on an hourly basis. The user's top H level directory will be created, diskquota will be enabled, and a sample7 login procedure will be copied to the user's directory.   
 Installation: 
 -------------   * Compile and link using the command @BUILD.  D Copy the image PROFILE.EXE to the desired location (SYS$SYSTEM:, for* example), and define the following symbol:  *         PROFILE:==$disk:[directory]PROFILE  A and add the above to the appropriate login procedure (LOGIN.COM).   
 Operation:
 ----------  G If you profile an existing user, the information about the user will be I gathered using the system service $GETUAI and written to the screen using J SMG$ routines. If you profile a new user, the information from the DEFAULTG account template is gathered and displayed (with a few pertinent fields H already changed). You have the option at this point of selecting anotherI user to profile (by hitting Control_Z), or modifying any of the fields on E the main screen (by using the cursor keys and entering edit mode), or J selecting an alternate screen (using one of the four PF keys). A Control_ZG from one of the alternate screens will return you to the main screen. A K Control_Z from the main screen, once any changes have been made, will cause H the program to add or modify the account. You will first be prompted forH confirmation, however. If the account already exists the account will beK modified by using the system service $SETUAI. If the account is new it will J be added by spawning a quick DCL command procedure ($SETUAI cannot be usedF to add a new account) and using $SETUAI to modify the now existing newJ account. The DCL command is performed by creating a temporary command fileH and using LIB$SPAWN, without propogating symbol and logical name tables,H with the temporary command file as input. The spawn is reasonably quick,J but if you prefer to use a mailbox routine to execute the DCL command, youI may wish to consider it. Disk quota is enabled for the user (defaulted at H 1000, you may wish to change it with the /QUOTA qualifier) and top levelD directory is created by using LIB$CREATE_DIR. Lastly, a sample loginI command procedure is copied to the directory of the new user. The copy is ' performed by using the CONVERT utility.    Qualifiers:  -----------   K By default, all of the above features are enabled. However, you can disable F any of the above fields with certain qualifiers. Additionally, you canG enable previously disabled qualifiers when adding or modifying multiple 8 accounts during a PROFILE session. These qualifiers are:  9 /QUOTA=amount		- 	default value is 1000 and amount is not ' 				specifically required in this case.   5 /NOQUOTA		-	diskquota will not be added when creating  				a new account.  : /OVERDRAFT=amount	-	default value is 100 and amount is not- 				specifically required in this case. There & 				is no negative for this qualifier.  5 /NOMAIL			-	mail notification will not be sent to the 
 				new user.   1 /MAIL			-	mail, in the form of a welcome message, - 				will be sent to the new user. This is the  				default setting.  9 /NODIRECTORY		-	directory will not be created for the new ' 				user. Can be abbreviated to /NODIR.   / /DIRECTORY		-	directory will be created. Can be , 				abbreviated to /DIR. This is the default 				setting.  ? /NOADD_IDENTIFIER	-	do not add account identifier when creating ( 				a new account. Can be abbreviated to 				/NOADD.   = /ADD_IDENTIFIER		-	add account identifier when creating a new - 				account. This is the default setting. Can  				be abbreviated to /ADD.   9 /NOECHO_PASSWORD	-	do not echo the password to the screen ) 				when entering a new value. Also, when ) 				this qualifier is given, the password , 				field will always say "(secret)". Can be 				abbreviated to /NOECHO.   ; /ECHO_PASSWORD		-	password will be displayed on the screen, - 				if it's a new account, and will be echoed * 				when entering a change to the password. 				field. This is the default setting. Can be 				abbreviated to /ECHO.     	 Examples: 	 ---------   5 $PROFILE DUMMY/QUOTA=5000/OVERDRAFT=200/NOECHO/NOMAIL   I Created an account called DUMMY with a quota of 5000 blocks, an overdraft K of 200 blocks, no welcome message mailed to the user, and the password will I not be displayed to the screen as you type (in case some snoop is looking  over your shoulder!).   1 PROFILE> NEWGUY/ECHO/MAIL/QUOTA=1500/OVERDRAFT=50   H After adding the DUMMY account, this command at the PROFILE> prompt willK add an account called NEWGUY and the /NOECHO and /NOMAIL features have been 2 re-enabled and the quota values have been changed.   $PROFILE OLDGUY/NOECHO  C The already existing account OLDGUY is to be modified, but the only B qualifier of any real value for an existing account is the /NOECHO6 qualifier. The others all apply to brand new accounts.  * $PROFILE FAKEID/NOQUOTA/NODIR/NOMAIL/NOADD  I Creates an account called FAKEID. This account will have no directory, no K disk quota, no mail notification (because, after all, there is no directory E to hold the mail file), and the account identifier will not be added.   ! Special behavior for some fields: ! ---------------------------------   I For the UIC field, if you enter the group number only, the next available K member number will be supplied. You can also enter group and member numbers 4 without the brackets and they will be supplied also.  N The directory field can be entered without brackets and they will be supplied.  M All string fields will be automatically converted to uppercase except for the ) owner field which will accept mixed case.   N Account expiration can be entered either as an absolute time (eg. 31-JAN-2001)4 or as a delta time (eg. 180 00:00:00 or simply 180).   Bugs:  -----   F At the moment, there is a problem with modifying an additional accountG during a single session: the security alarm will accurately reflect the K changes made to the first account, but will not be accurate with additional K accounts. This behavior will be fixed in a future release (I hope!), but in J the meantime, if you require a completely accurate account of which fieldsI have been changed for a particular account, you should exit PROFILE after H adding or modifying the first account and then run the program again forJ each additional account. If this inaccurate security audit behavior is notK important to you, then you can freely add/modify multiple accounts during a  single session of PROFILE.  P ================================================================================ John Howells howells@earth.arc.nasa.gov howells@pioneer.arc.nasa.gov