Operations within MOMI, such as viewing of performance information, listing volumes, files and Spooler collector status are considered non-sensitive commands. Commands of this type are executed in the context of the User ID that started $MOMI.
Commands that perform an action, such as purging a file, viewing the contents of a file or viewing the contents of a Spooler job, are considered sensitive and must be executed under the context of a User ID and Password entered at the Client.
The Security Logon / Logoff screen allows the User to enter a Guardian Group.User or Safeguard alias format and password. The information is validated, and if accepted used to execute sensitive commands.
After attempting to logon and the password is expired but has a grace period or if Change Password is pressed, additional fields are displayed to allow the user the ability to alter their password.
The MOMI server uses a password one time when the Request Logon button is pressed. A "logon server" process is created locked to an instance of the client. It is used to start additional MOMI server processes as needed to provide sensitive command processing for that instance of the client.
The MOMI server imposes the following to a logon:
CMON pre-logon message is requested
CMON logon message is requested
numeric form of User ID is not allowed (example 255,100)
If Client Access is enabled, a logon may be denied by MOMI (which means the logon is not sent to the host). Message generated by Client Access are preceded by:
Client Access DB -
The following messages may be returned by Client Access:
Client Access DB - User Record Not Found
Client Access DB - User Not Allowed to Logon To Tandem