This file contains a summary of the changes made to the sample validation
policy scripts for uid, audit_id, login_name, nw_login_name, and nt_logon.

Only the portions of the scripts that differ from the sample scripts
delivered with User Administation 3.6.1 are included.  Replacing the 
portion of the original script with the corresponding portion of the 
new script (after any local customizations are taken into account) 
should resolve any problems with validation policy that occur as a result
of installing patch 3.6.1-ADM-0007.

Note that the modified sections tend to be located toward the end of 
each script.


##### Attribute: uid

----- original script (uid) -----

### What is the count of the uid. If greater than 0 (i.e. there is already
###  an user somewhere with this UID), then fail.
##
##COUNT=`wlsids -n UID $UID | sed -e 's/^.*: //g'`
##
##if [ "$COUNT" -gt 1 ]; then
##      echo FALSE

----- end original script (uid) ---

----- new script (uid) -----

### Check for uniqueness of the UID.  First, get a count of the
### number of times the UID is reserved.  If the count is 0, then
### the ID is not in use.  If the count is greater than 0, we 
### have to check for null reservations made by wallocid.
##
##COUNT=`wlsids -n UID $USER_UID | sed -e 's/^.*: //g'`
##
##if [ "$COUNT" -gt 0 ]; then
##
##  	# Get the list of keys associated with this UID.
##  	# We also do a bit of cleanup and strip the leading "UID:" and 
##  	# all embedded commas.
##
##  	KEYLIST=`wlsids -k UID $USER_UID | sed -e 's/^.*: //g' | sed -e 's/\,//g'`;
##
##  	while [ "$KEYLIST" ]; do
##
##    		# Loop through KEYLIST and grab the last KEY, then remove the 
##                # KEY from KEYLIST before the next iteration. 
##
##		KEY=`echo $KEYLIST | sed -e 's/^.* key=\(.*\)$/\1/'` 
##    		KEYLIST=`echo $KEYLIST | sed -e 's/^\(.*\)\".*\" key=.*$/\1/'`
##
##  		# If KEY is equal to any value other than "None" then this is
## 		# not a "null" reservation -- ie, there is a user with this 
##  		# UID -- and validation must fail.
##
##    		if [ "$KEY" != "None" ]; then
##      			echo FALSE
##			exit $E_OK
##    		fi
##
##  	done
##fi

----- end new script (uid) -----


##### Attribute: audit_id

----- original script (audit_id) -----

### What is the count of the uid. If greater than 0 (i.e. there is already
###  an user somewhere with this AID), then fail.
##
##COUNT=`wlsids -n AID $AID | sed -e 's/^.*: //g'`
##
##if [ "$COUNT" -gt 0 ]
##then
##    echo FALSE
##    exit $E_OK
##fi

----- end original script (audit_id) -----

----- new script (audit_id) -----

### Check for uniqueness of the AID.  First, get a count of the
### number of times the AID is reserved.  If the count is 0, then
### the ID is not in use.  If the count is greater than 0, we
### have to check for null reservations made by wallocid.
##
##COUNT=`wlsids -n AID $USER_AID | sed -e 's/^.*: //g'`
##
##if [ "$COUNT" -gt 0 ]; then
##
##        # Get the list of keys associated with this UID.
##        # We also do a bit of cleanup and strip the leading "UID:" and
##        # all embedded commas.
##
##        KEYLIST=`wlsids -k AID $USER_AID | sed -e 's/^.*: //g' | sed -e 's/\,//g'`;
##
##        while [ "$KEYLIST" ]; do
##
##                # Loop through KEYLIST and grab the last KEY, then remove the
##                # KEY from KEYLIST before the next iteration.
##
##                KEY=`echo $KEYLIST | sed -e 's/^.* key=\(.*\)$/\1/'`
##                KEYLIST=`echo $KEYLIST | sed -e 's/^\(.*\)\".*\" key=.*$/\1/'`
##
##                # If KEY is equal to any value other than "None" then this is
##                # not a "null" reservation -- ie, there is a user with this
##                # UID -- and validation must fail.
##
##                if [ "$KEY" != "None" ]; then
##                        echo FALSE
##                        exit $E_OK
##                fi
##
##        done
##fi

----- end new script (audit_id) -----


##### Attribute: login_name

----- original script (login_name) -----

##OUTPUT=`wlsnams -t -T UserNameDB $LOGIN_NAME | sed -e 's/ type=UNIX//' | grep ' type=UNIX'`

----- end original script (login_name) -----

----- new script (login_name) -----

##OUTPUT=`wlsnams -t -T UserNameDB $LOGIN_NAME | grep ' type=UNIX'`

----- end new script (login_name) -----


##### Attribute: nw_login_name

----- original script (nw_login_name) -----

##OUTPUT=`wlsnams -t -T UserNameDB $LOGIN_NAME | sed -e 's/ type=NetWare//' | grep ' type=NetWare'`

----- end original script (nw_login_name) -----

----- new script (nw_login_name) -----

##OUTPUT=`wlsnams -t -T UserNameDB $LOGIN_NAME | grep ' type=NetWare'`

----- end new script (nw_login_name) -----


##### Attribute: nt_logon

----- original script (nt_logon) -----

##OUTPUT=`wlsnams -t -T UserNameDB $LOGIN_NAME | sed -e 's/ type=NT//' | grep ' type=NT'`

----- end original script (nt_logon) -----

----- new script (nt_logon) -----

##OUTPUT=`wlsnams -t -T UserNameDB $LOGIN_NAME | grep ' type=NT'`

----- end new script (nt_logon) -----