You can limit the power that logonid privilege fields provide users through scoping. In CA ACF2 Option for DB2, the INF parameter of a scope record defines the DB2 records and CA ACF2 Option for DB2 rule sets that a privileged user (that is, a logonid with SECURITY or AUDIT) can access. Without this scope record, the user would have access to all records and rule sets. The SCPLIST field in a user’s logonid record associates the scope record to the user.
You cannot scope a user who has the NON‑CNCL privilege.
|
Copyright © 2011 CA Technologies.
All rights reserved.
|
|