Type information at the command line according to the following field descriptions:
Specify the 1‑ to 252‑character name of the DB2 resource that you want to test access to or decompile. For example, if you are testing a table rule set, enter the table name. If you are testing a system privilege or utility, enter the specific privilege or utility.
Specify the three‑character type code of this resource. This field groups resources by their type. For example, TBL represents table resources, DBS represents database resources, and so on.
Indicate the SYSID of the rule set that you are testing.
Specify whether you want CA ACF2 Option for DB2 to decompile the rule set identified by the $KEY field. The default is NO. To decompile the rule set and display it at your terminal, specify YES. The rule set is not tested as it is decompiled. To test the rule set, you must press ENTER again after the rule set has decompiled.
Type the logonid of the user that you want to test. To specify this field, you must have access to the user's logonid record that you are testing. Use of the LID field causes the UID value to be set to the UID of the indicated logonid. You cannot mask this field or specify both the LOGONID and UID fields.
Indicate a mask of the UIDs that identify the users whose access you want to test. You cannot specify both the LOGONID and UID fields.
Specify the time (in hours and minutes) for which you want to test access. Initially, the current time is used as the default.
Specify the date for which you want to test access. Initially, the current date is used as the default. The DATE option of the GSO OPTS record determines the format of this field.
Specify the type of function, or keyword, that you want to test for a particular DB2 resource. This parameter is required for databases, tables, application plans, packages, collections, functions, stored procedures, schemas, sequences, JAVA achrive (JAR) files, and distinct types. The type of DB2 resource being tested determines the values you can specify for a keyword. See the SERVICE parameter described in this chapter for all possible keywords.
Type the column of the table that you want to test.
After you type the above information and press ENTER, CA ACF2 Option for DB2 returns the result in the RULE TEST OUTPUT DISPLAY AREA. Access to the resource under the specified criteria is one of the following:
Grants access to the resource.
Grants access to the resource, but logs it.
Denies access and logs the attempt.
If no rule entry specifically applies to the test environment, CA ACF2 Option for DB2 displays the message NO RULES APPLY, ACCESS IS DENIED. This means that one of the following is true:
|
Copyright © 2011 CA Technologies.
All rights reserved.
|
|