|
|
|
The PENCRYPT utility processes all directory logon and minidisk passwords after it backs up the directory containing them. The directory is backed up in its current form, either encrypted or clear plain text.
Use this utility to establish encryption during CA VM:Secure installation, or during conversion to PEF, when you begin using encrypted passwords. It can also be used to undo the effects of REVERSE encryption.
Important! Immediately after running this utility, you must restart your VM system and run a CP nucleus which you have properly configured for password encryption, otherwise no one will be able to logon or otherwise use passwords. You should prepare this final CP Nucleus before running this utility, so you can immediately restart your VM system on the new Nucleus.
Important information for DES3! You must generate an intermediate version of the CP Nucleus component containing a DES3KEY definition before executing the PENCRYPT utility. Then you generate a final CP Nucleus to implement triple DES encryption. Therefore, you will need to shutdown and re‑initialize your VM system and CA VM:Secure twice during the transition to triple DES encryption.
Before running this utility, you have to initialize CA VM:Secure with a CP nucleus containing the triple DES key. Use the DES3KEY record in the VMXRPI CONFIG file to create this nucleus. This allows you to specify the encryption key to be used to perform the triple DES encryption with the PENCRYPT utility.
After you use this utility, you need to initialize CA VM:Secure with a CP nucleus that has been configured with triple DES encryption indicated. Use the ENCRYPT DES3 record in the VMXRPI CONFIG to create this nucleus.
Note: For more information about Installing PEF, see the chapter "Password Encryption Facility" in the Rules Facility Guide.
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |