|
|
These file formats define the layout of the two files used by the ACB application. These files will be obsolete (and removed) when the ACS application is completed and released. Both of these files are plain ASCII text files that will be located in the PICS\Config filder and may be edited with NotePad or any other text editor. You must not use a word processor on these files as the binary data structures included in word processor files will confuse and possibly crash ACB.
The name of the address map file is "Address.Map" and it must be located in the PICS\Config folder.
The address map contains a list of internal LAN IP addresses and their external WAN counterparts. Each bridge system will contain two network interfaces, one connected to the PICS LAN and one connected to the corporate WAN. All of the PICS system management functions deal with the PICS LAN addresses. This file is used to map the addresses contained within the internal data structures to their WAN counterparts, for use by WAN clients. The ACB will not pass any addresses which are not listed in the map file to WAN clients, but an address may be mapped to itself. Self remapping is intended for use with internal clients only.
The file format is as follows:
; Any blank line or line whose first character is a ; semi-colon is a comment. ; PICS LAN Corporate WAN Description/Comments 192.168.1.1 148.152.92.104 Bridge-1-A 192.168.1.2 148.152.92.105 Bridge-1-B 192.168.1.3 148.152.92.106 Bridge-2-A 192.168.1.5 148.152.92.108 Bridge-3-A 192.168.1.10 148.152.92.120 PDRS-A 192.168.1.11 148.152.92.121 PDRS-B
Any non-comment (and non-blank) lines must contain two entries (the third is optional): the PICS LAN address and the Corporate WAN address, both IP addresses must be in standard decimal notation (as shown above). Anything following the second address is considered as a comment and may be used for the node name or other descriptive information.
The verification server must be located on a node listed in the map file in order to be reported to the WAN clients. Multiple verification servers are not supported.
The authorized user database is contained in a file named "PicsUser.Dat" and located in the PICS\Config folder.
The file looks like this:
; Any blank line or line whose first character is a ; semi-colon is a comment. steve:mypassword:oper,tech,user,admin howard:hispassword:tech,disable brook:yourpassword:admin user:user:user oper:oper:oper tech:tech:tech admin:admin:admin uo:uo:user,oper to:to:tech,oper tu:tu:tech,user ao:ao:admin,oper au:au:admin,user at:at:admin,tech ato:ato:admin,tech,oper atu:atu:admin,tech,user aou:aou:admin,oper,user toa:toa:tech,oper,user atou:atou:admin,tech,oper,user
Each non-blank, non-comment line contains three fields, separated by colons. NOTE: spaces should not be included on user definition lines. The three fields are: user name, password, and access rights. The user name is not case-sensitive, however, passwords are case-sensitive. The access rights field may contain a comma separated list of rights from the following list:
Right/Flag Description user Generic user ope Operator tech Technician admin System Administrator disable Disabled account developer Developer Access - allows user to modify the task control settings used by ACC (stored in the AccTasks.INI file). change Password must be changed before further access is granted change=yyyymmdd Optional form of a password change requirement, including an expiration date upon which the password must be changed. expire=yyyymmdd Account expires on given date.
Anything which is not in the list above will be ignored. Any and/or all of the rights may be combined and they may be listed in any order. The disable right is handled differently from the others. When a user is disabled, he will not be granted any access rights and any other rights listed (valid or otherwise) will be ignored.
With the current implementation, any access rights is equivalent to all access rights, since neither the service providers nor the communications manager have been updated to enforce access control. Those things will be implemented after the ACC/ACB/ACS suite is complete.
|
|