The NEXTKEY operand splits a very large rule set into several sets or merges several rule sets together.
Specify the rule ID of an alternate rule set in the NEXTKEY operand. If access to a file based on the environment and permissions specified in the current rule set is prevented, CA ACF2 for VM searches the alternate rule set specified through NEXTKEY.
When NEXTKEY specifies an alternate rule set, a security administrator needs to grant authority to who is responsible for writing and maintaining that rule set through the %CHANGE and %RCHANGE control statements. These control statements are placed in the alternate rule set that must initially be established by the security administrator.
For %CHANGE and %RCHANGE authorizations to be active, you must specify the CHANGE operand of the RULEOPTS VMO record. If you specify NOCHANGE, all %CHANGE and %RCHANGE authorizations are inactive. The default is CHANGE. This default value is required to use %CHANGE or %RCHANGE.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|