You can give different access rights to users with passwords and users without passwords. Those who supply valid passwords are considered authenticated; those without passwords are guest users.
VisionFS has three authentication methods, allowing for encrypted and unencrypted transmission of passwords (and using separate password databases), or the use of another server -- which might be another VisionFS server or a Windows NT server -- to authenticate users.
The authentication methods are independent: a VisionFS server can use either the UNIX server's password database or its own VisionFS password database or use another server for authentication, but not any combination of these.
To change how VisionFS authenticates users, in the Profile Editor, double-click the server entry and select the Passwords tab.
By default, users must enter their UNIX passwords on the UNIX server running VisionFS, as if they are accessing the UNIX server from the console, or from another UNIX server. UNIX passwords are transmitted in ``plain text'' -- unencrypted -- on the network. Although both Windows and UNIX provide facilities for encrypting passwords, the encryption mechanisms used are incompatible.
To allow password encryption on the network, VisionFS can maintain a separate password database that uses the Windows encryption method. In VisionFS password mode, only users with entries in the VisionFS password database can be authenticated: all others have guest access only.
VisionFS Administrators for a server can set, change, and clear VisionFS passwords for any user with the Profile Editor. The UNIX superuser can also modify VisionFS passwords with the visionfs password command. In VisionFS password mode, users can modify their own VisionFS passwords using a separate Windows program, password.exe, in the same folder as the Profile Editor.
To make moving from unencrypted to encrypted passwords easier, VisionFS can accept UNIX passwords (unencrypted on the network) and automatically store them in the VisionFS password database using Windows-style encryption. This lets you populate the VisionFS password database with UNIX passwords until you're ready to switch to VisionFS passwords only.
If you specify that users are authenticated on another server, the password databases and username mappings on this VisionFS server are ignored for authentication purposes. The password databases used depend on the authentication server and its configuration: