Using a Fileshare Password File

A Fileshare Server uses its password file to verify that a client enterprise server is entitled to access its files. Although Fileshare can run without a password file, you must use one if you want to apply any security through the Fileshare Server itself. This is strongly recommended, since Fileshare has access to all the files on your system.

The Fileshare Server uses its password file only when the enterprise server makes its first attempt at access (that is, when it starts up). File-level security is controlled by MSS itself, through the resource definitions you make.

The only way to maintain a password file is through this command line:

fs -pf pwd-filename options

Depending on the options you specify, Fileshare creates, modifies, or deletes pwd-filename. You can name the password file whatever you want, but it must correspond to the name you specify with the /pf option when configuring the Fileshare Server.

The options are as follows:

/u "username"
The username used by the enterprise server to log onto the server. This must correspond to the value specified in the FS user name field in the enterprise server's SIT. The username can be up to 100 characters. The username must be quoted if it contains spaces.
/pw "password"
The enterprise server's password. This must correspond to what is specified in the FS password field in the enterprise server's SIT. The password can be up to 100 characters. The password must be quoted if it contains spaces.
/e
Erases the specified user from the password file. You must specify both the /u and /pw options on the same command line when you are using /e.

If you delete all the entries in the password file, the Fileshare server deletes it.

Note: The usernames and passwords are case-sensitive. Valid characters must be invariant under transformation from ASCII to EBCDIC, which is dependent on the code page you are using. Usernames and passwords do not support the following characters "/\-". In addition, Micro Focus does not support long usernames and passwords for MFA.

Examples

Assume no password file exists, and you want to create one with two entries. The following commands:

fs -pf fssecu.pwd -u Usr1 -pw fspass1
fs -pf fssecu.pwd -u Usr2 -pw fspass2

result in the password file fssecu.pwd being created, with entries for both Usr1 and Usr2. The Usr1/fspass1 and Usr2/fspass2 combinations must correspond to FS username and FS password fields in the enterprise server's SIT.

To put password checking into effect on a Fileshare Server called FSSERV (for example), you must use the /pf option when starting it:

fs -s fsserv -cm ccitcp -pf fssecu.pwd

To disable Usr2's access to this Fileshare Server, use the following command:

fs -pf fssecu.pwd -e -u Usr2 -pw fspass2

If you now enter this command:

fs -pf fssecu.pwd -e -u Usr1 -pw fspass1

Fileshare removes the entry for Usr1, and deletes the file fssecu.pwd.