3.3.2 Access Records

The server access file contains one or more access records. Each access record is composed of four fields:

Client Machine Name: The official host name by which the client machine is identified on the TCP/IP network. On Windows, this name is found in the Host field under Control Panel => TCP/IP Properties => DNS Configuration. Under UNIX, use the "hostname" or "uname -n" command to determine the name.

Client Username: The user's login name on the client system. On Windows clients, Client Username is the value of the environment variable USERNAME. If that variable is not defined, the value of the variable USER is applied. The values assigned to these variables are case-sensitive. Be sure that the case used in the "AcuAccess" file matches the case of the value set in the variable. The literal string "USER" is applied when USER is not defined.

Local Username: The local user name that AcuConnect will use when fulfilling requests for the client user

Password: Password protection. When used, the requester must supply a password that matches this field.

Note: On Windows NT/2000, if your AcuAccess file maps any username (DEFAULT-USER or local user), and that username has a password associated with it, then you must include the password here and it must match the logon password on the server. This behavior is different than AcuServer which does not require a password for DEFAULT-USER here.

A typical server access record might look like:

Client Machine Name
Client Username
Local Username
Password
starling
bernie
bsmith
. . . . . . .

This record will allow user bernie to connect from machine starling. AcuConnect will use the local user name bsmith (Bernie's account on the file server) when executing requests for bernie. In this case, ". . . . . ." represents Bernie's local NT password which is required.

Three fields, Client Machine Name, Client Username, and Local Username, each have a wild card value that is used to indicate a general behavior.

These wild cards are:

Field name
Wild card
Meaning
Client Machine Name
*
Match all clients machines
Client Username
(empty field)
Match all client users
Local Username
same as client
Use the Client Username

When "same as client" appears in the Local Username field, certain conditions apply. Namely, if Client Username is not a valid name on the server, then DEFAULT-USER is used. In addition, if the Local Username field is blank, then DEFAULT-USER is used.

Again, if DEFAULT-USER is used to connect to AcuConnect on an NTFS partition under Windows NT or Windows 2000, be sure that DEFAULT-USER has both READ (RX) permissions on "acuthread.exe" and "acucorp.lic" and the appropriate permissions to access any file.

Note that the client user name passed by Windows clients is either the value of the environment variable USERNAME, if defined, or the value of the environment variable USER, if defined, or the literal string "USER" if neither environment variable is defined. (The values assigned to these environment variables are case-sensitive. Be sure that the case used in the "AcuAccess" file matches the case of the value set in the variable.)

For illustrative purposes, here is a set of common access records:

Client Machine Name
Client Username
Local Username
Password
support-pc

techie
<none>
warehouse-pc

<none>
president-pc
diamond
<same as client>
<none>
robin

<same as client>
<none>
starling
felice
<same as client>
<none>
starling
baxter

......
swallow
hartley
hartley
<none>
swallow

acct
<none>

These entries are interpreted as follows:

The entry for support-pc allows any user of support-pc to use AcuConnect. AcuConnect will use the local user name techie when executing requests for support-pc.

The entry for warehouse-pc allows any user of warehouse-pc to use AcuConnect. Because the Local Username field is empty, AcuConnect will use the value of DEFAULT-USER as the local user name when executing requests for warehouse-pc.

The entry for president-pc allows user diamond to access AcuConnect. For this record to match, the DOS environment variable USERNAME or USER must be defined with the value "diamond". Because the Local Username field holds "same as client", AcuConnect will attempt to use diamond as the Local Username. If diamond is not a valid local user name, the value of DEFAULT-USER will be used.

The entry for robin allows all users of robin to access AcuConnect. If the requester has an account on the server by the same name, AcuConnect will use that name; otherwise AcuConnect will use the value of DEFAULT-USER.

The first entry for starling allows user felice to access AcuConnect. AcuConnect will follow the same rules as the previous entry to assign a local user name.

The second entry for starling allows user baxter to access AcuConnect. AcuConnect will use the value of DEFAULT-USER when executing requests for baxter. baxter will need to provide a password before a connection will be established.

The first entry for swallow allows user hartley to access AcuConnect. AcuConnect will use the local user name hartley when executing requests for hartley.

The second entry for swallow allows all users of swallow to access AcuConnect. AcuConnect will use the local user name acct for all users of swallow, except hartley (or other records for swallow that explicitly name a client user).

The most permissive access record that can be created is:

Client Machine Name
Client Username
Local Username
Password
*

<same as client>
<none>

This record allows any user of any client to use AcuConnect, so long as they have an account on the server by the same name, or DEFAULT-USER is defined with a valid user name (DEFAULT-USER cannot be defined to be root). A client user running as root will be mapped to DEFAULT-USER.

Client Machine Name	Client Username	Local Username	Password
starling	bernie	bsmith	. . . . . . .

Field name	Wild card	Meaning
Client Machine Name	*	Match all clients machines
Client Username	(empty field)	Match all client users
Local Username	same as client	Use the Client Username