After you enter values describing the test environment, these values remain in effect until you specifically change them. Any values that you do not specify can appear as asterisks (********), except for date and time. The asterisks can match any value. For instance, if you do not specify the UID or LID keyword, the subcommand tests whether all UIDs are allowed access. Separate multiple keywords from each other with blank spaces. You can use more than one input line to specify multiple keywords.
Specifies a resource name for which access is tested. CA ACF2 Option for DB2 places the $KEY value before the RSRC value unless you specify the RSRC value in single quotes. If the rule to be tested contains a $PREFIX control card, and the $PREFIX value is not masked, the $PREFIX value is used as the high level qualifier of the resource name whenever the RSRC value is entered without single quotes. The $KEY value will be used if the $PREFIX is masked. If the $KEY is not desired, then specify the fully qualified resource name in quotes.
When NOPREFIX is specified, the $KEY value will be used instead of the $PREFIX value when building the fully qualified resource name to be used in the test.
Specifies a logonid whose access you want to test. To specify this keyword, you must have the appropriate access to the user's logonid record that you are testing. Use of the LID keyword causes the UID value to be set to the UID of the indicated logonid.
Specifies a mask of the UIDs of users whose access you want to test. To specify this keyword, the user making the test does not need access to the logonid record of the user whose access is being tested. CA ACF2 does not consider logonid fields such as SECURITY, NON‑CNCL, PREFIX, and so forth, when testing this keyword. When you specify LID and UID, CA ACF2 uses the last LID or UID value specified. For example, when you specify LID(PAYJJD) UID(TFINPAYNLT), CA ACF2 uses UID(TFINPAYNLT). Conversely, when you specify UID(TFINPAYNLT) LID(PAYJJD), CA ACF2 uses LID(PAYJJD).
Specifies a role whose access you want to test. Specify an unmasked role. You can optionally specify the UID or LID keywords as well. To see which roles a logonid has, issue the ROLES logonid command.
Specifies the date for which access you want to test. This date can be formatted as mm/dd/yy, yy/mm/dd, or dd/mm/yy, depending on the DATE field of the GSO OPTS record. See “CONTROL Setting: GSO Records,” in the CA ACF2 Administrator Guide. Initially, the TEST subcommand uses the current date as the default.
Specifies the time (in hours and minutes) for which access you want to test. Initially, the TEST subcommand uses the current time as the default.
Specifies the type of function or service keyword, that you want to test for a particular DB2 resource. This parameter is required for databases, tables (or views), application plans, packages, collections, functions, stored procedures, schemas, sequences, JAVA archive (JAR) files, and distinct types. The type of DB2 resource being tested determines the value you can specify for this keyword. You can specify only one keyword at a time. See the SERVICE parameter described in this chapter for all the possible keywords.
Specifies the column of the table that you want to test access to. You can specify only one column at a time.
Terminates the TEST subcommand and places you back in the previous setting.
Terminates the TEST subcommand and places you back in the previous setting.
Resets the current TEST command environment variables.
|
Copyright © 2011 CA Technologies.
All rights reserved.
|
|