To see this screen, press PF11 (NEXT) after you have viewed the Add Access Rule Set Control Information screen. Use this screen to add VM rule entries.
To add OS/390 or VSE rule entries, press PF6.
M9PA‑2123 Add VM Access Rule Entry List (2.1.2.3) CA ACF2 for VM COMMAND ===> _________________________________________________________ TIME 17:12 Rulekey ==> ________ Entry 1 of 3 This ruleset also has MVS‑style rules not shown here. Press PF6 to view. ___ WRE A001 Addr: V0191 Fn: PROFILE Ft: EXEC Uid: SHSADTLCAMS____________ A Fpool: ________ Dir: _______________________________________________ _______________________________________________ _______________________________________________ 002 Addr: _____ Fn: /_______ Ft: ________ Uid: *****PER________ AA Fpool: SYSPROG Dir: TLCMAS.ACF2.SECURITY.REPORTS _______________________________________________ _______________________________________________ 003 Addr: _____ Fn: PROFILE Ft: XEDIT Uid: ******TLC______________ A Fpool: TECH Dir: UNITED.STATES.ILLINOIS.COOK.CHICAGO.STREET NUMBER.FLOOR___________________________________ _______________________________________________ PF1=Help 2=Print 3=Quit 4=Return 5=Execute 6=MVS<‑>VM PF7=Backward 8=Forward 9=Director 10=Previous 11=Next 12=Retrieve
Enter an S (for SELECT) in the prefix area to see all of the details on the rule entry.
Indicates the prefix area for this screen. The prefix area is where you select rules or enter information.
Following is a brief description of the fields on this screen.
Specifies the $KEY value of the rule set. Normally, the rulekey is the ID of a VM user who has one or more Shared File System (SFS) files or directories, or minidisks specified in the VM directory under his user entry. In most cases, this is also the user's CA ACF2 for VM logonid logonid. The rulekey can also be the high‑level qualifier of an OS/390 or VSE data set. The rule ID specified can be up to eight characters long for access rules. You cannot mask this field.
CA ACF2 for VM logonid displays the address, filename, filetype, SFS filepool and SFS directory name as it currently exists. The UID displays the user that the rule is written for.
Use the following commands in the prefix area to display rule entries:
Inserts the moved rule entry after this line (same as F).
Inserts the moved rule entry before this line (same as P).
Deletes the rule entry on this line.
Inserts the moved rule entry following this line (same as A).
Inserts a rule entry following this line.
Moves this rule entry.
Inserts the moved rule entry previous to this line (same as B).
Selects this rule entry. CA ACF2 for VM logonid checks the rule to see if it is formatted like a VM rule or an OS/390 rule, then CA ACF2 for VM logonid displays the appropriate screen with additional information.
The three characters at the end of the line indicate the various access types. They stand for W=Write, R=Read, and E=Execute, respectively. Enter the access permission to be granted (A=Allow, L=Log, P=Prevent) under the appropriate access type. The above panel displays how you might define access privileges.
The user with a UID of SHSADTLCAMS has WRITE access to the PROFILE EXEC on the 191 disk. All users whose logonid starts with PER can READ and EXECUTE the TLCMAS.ACF2.SECURITY.REPORTS files in the SYSPROG filepool. Also, all users whose logonid begins with TLC can write to the PROFILE XEDIT file in the SFS directory named UNITED.STATES.ILLINOIS. COOK.CHICAGO.STREET.NUMBER.FLOOR in the TECH filepool.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|