To see this screen, press PF11 (NEXT) after you have viewed the Add Access Rule Set Control Information screen. Use this screen to add OS/390 and VSE rule entries.
M9PA‑2124 Add MVS/VSE Access Rule Entry List (2.1.2.4) CA ACF2 for VM COMMAND ===> __________________________________________________________ TIME 17:12 Rulekey ==> ________ Entry 1 of 3 This ruleset has expanded VM‑format rules not shown here. Press PF6 to view. ‑‑‑‑‑‑‑‑‑‑‑‑‑FILE NAME‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑‑ ‑‑‑‑‑‑‑‑‑UID‑‑‑‑‑‑‑‑ A__ ...+...1...+...2...+....3....+....4... ... +....1....+....2..... WREA 001 V0191.PROFILE.EXEC SHSADTLCAMS____________ A A 002 SYS1.LINKLIB ‑______________________ AA 003 USERTEST.CREDIT.DATA SHSADTLC‑______________ AAAL PF1=Help 2=Print 3=Quit 4=Return 5=Execute 6=MVS<‑>VM PF7=Backward 8=Forward 9=Director 10=Previous 11=Next 12=Retrieve
This screen contains only summary information of the various rule entries. Enter an S (for SELECT) in the prefix area to see all of the details on the rule entry.
Indicates the prefix area for this screen. The prefix area is where you select rules or enter information.
Following is a brief description of the fields on this screen.
Specifies the $KEY value of the rule set. Normally, the rulekey is the ID of a VM user who has one or more MDISKs specified in the VM directory under his user entry. In most cases, this is also the user's CA ACF2 for VM logonid logonid. The rulekey can also be the high‑level qualifier of an OS/390 or VSE data set. The rule ID specified can be up to eight characters long for access rules. You cannot mask this field.
CA ACF2 for VM logonid displays the data set and UID for this rule set as it currently exists. The information shown under FILE NAME displays the name of the data set. The UID displays the user that the rule is written for.
Use the following commands in the prefix area to display rule entries:
Inserts the moved rule entry after this line (same as F).
Inserts the moved rule entry before this line (same as P).
Deletes the rule entry on this line.
Inserts the moved rule entry following this line (same as A).
Inserts a rule entry following this line.
Moves this rule entry.
Inserts the moved rule entry previous to this line (same as B).
Selects this rule entry. CA ACF2 for VM logonid checks the rule to see if it is formatted like a VM rule or an OS/390 rule, then CA ACF2 for VM logonid displays the appropriate screen with additional information.
The four characters at the end of the following line indicate the various access types:
___ ...+...1....+...2....+...3....+...4... ...+...1...+....2.WREA
They stand for W=Write, R=Read, E=Execute, and A=Allocate, respectively. Enter the access permission to be granted (A=Allow, L=Log, P=Prevent) under the appropriate access type.
Following is an example of how you might define access privileges.
___ ....+...1....+...2....+...3....+...4.... ...+...1...+....2. WREA 001 V0191.VOLUME SHSADTLC‑__________ AL
All users with a UID beginning SHSADTLC have READ access to V0191.VOLUME. All EXECUTES on this volume are LOGGED. You did not specify an access permission for WRITE. Because CA ACF2 for VM logonid provides protection by default, no permission implies PREVENT.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|