Previous Topic: Printer FormatNext Topic: Summary Terminal Format Output

Using ReportsUnderstanding the ACFRPTRV ReportWhat Does this Report Look Like?Detail FormatDetail Terminal Format Output

Detail Terminal Format Output
ACF2 UTILITY LIBRARY ‑ ACFRPTRV ‑ GENERALIZED RESOURCE LOG ‑ PAGE 1
DATE 01/19/05 (05.019) TIME 10.50 DETAIL
REQUESTED RESOURCE                              REC   LOOKUP KEY
UID                      SOURCE   CPU  MODULE   DISP     DSP‑MOD  KEY‑MOD  SERV
    DATE     TIME  JNAME    LID      NAME                PRE RMC INT PST FIN
D‑DBS‑DSNPDBASE003                               LOG  D‑DBS‑****DBASE***
CHFSEASTTLC433           LV460    CPU1          RULE        ‑     DIRECTRY LOAD
05.019 01/19 08.01 TLC433   TLC433   YVONNE                 0   4   4   0   4
PRIMARY AUTHID:    TLCYBB   ORIGINAL AUTHID:  TLCYBB
SECONDARY AUTHIDS: OLC      CLERK    TEAM     RPW
D‑SYS‑DSNPSYSADM                                 LOG  D‑SYS‑****SYSADM
CHFSEASTTLC429           LV431    CPU1          RULE        ‑     DIRECTRY
05.019 01/19 08.04 TLC429   TLC429   CARL                   0   0   0   0   4
PRIMARY AUTHID:    TLCKLS   ORIGINAL AUTHID:  TLCKLS
SECONDARY AUTHIDS: DBA      MGMT     TEAM     CLASS
D‑TBL‑DSNPPERSONEL.EMPLOYEETABLE                *VIO  D‑TBL‑****PERSONEL.EMPLOYEE
CHFSEASTTLC429           LV431    CPU1          RULE        ‑     DIRECTRY SEL
05.019 01/19 08.04   TLC429    TLC429    CARL                      0   0   0   0  16
PRIMARY AUTHID:    TLCKLS   ORIGINAL AUTHID:  TLCKLS
SECONDARY AUTHIDS:    DBA      MGMT      TEAM      CLASS

The first report entry shows that Yvonne (whose logonid is TLC433 and UID is CHFSEASTTLC433) was allowed access to the DB2 database DBASE003 in the DB2 subsystem DSNP. A rule set with the $KEY of DBASE*** was used to determine that access was allowed but logged. The primary and original authorization ID for Yvonne is TLCYBB. Secondary authorization IDs that Yvonne is associated with are OLC, CLERK, TEAM, and RPW.

You should interpret the second and third entries together. Both of these entries resulted from Carl requesting access to the PERSONEL.EMPLOYEETABLE resource in the DSNP subsystem. The first entry shows why Carl was granted access to the resource. In this case, he had SYSADM authority. The second entry shows that Carl tried to access the PERSONEL.EMPLOYEETABLE resource, but a rule denied access. When access is denied because the CA ACF2 Option for DB2 rule for the resource prevents access, CA ACF2 Option for DB2 checks other rule sets that might grant access, such as SYSADM or DBADM for the table (if applicable). If these rule sets specify LOG, CA ACF2 Option for DB2 generates two SMF records so that you can determine the object of the request. You can determine that these two records belong together because the date and time stamps are identical for the same person.