You see this screen if the rule set you selected on the previous screen (Add Data Set Rule Entry List) was an OS/390 or VSE rule set.
M9PA‑2127 Add Rule Entry for MVS/VSE Datasets (2.1.2.7) CA ACF2 for VM COMMAND ===> __________________________________________________________ TIME 17:12 Rulekey ==> ________ Entry ___ of ___ Dataset Name ==> __________________________________________ Volume ==> ______ UID String ==> ___________________ Source ==> ________ Shift ==> ________ Nextkey ==> ________ Access valid until ==> ________ Access from program ==> ________ Access from DDNAME ==> ________ Access from library ==> ____________________________________________ Access (Allow/Log/Prevent): WRITE ==> _______ READ ==> _______ EXECUTE ==> _______ ALLOCATE ==> _______ Data ==> _________________________________________________________ PF1=Help 2=Print 3=Quit 4=Return 5=Execute 6=MVS<‑>VM PF7=Backward 8=Forward 9=Director 10= 11= 12=Retrieve
Following is a brief description of the fields on this screen.
Specifies the high‑level qualifier of the data set name. The rulekey can be up to eight characters long. You cannot mask this field.
Specifies the number of this rule entry and the total number of rule entries in this rule set.
Specifies the rest of the name of the data set.
Specifies the volume of the data set.
Specifies the User Identification string of the user that this rule entry applies to.
Specifies an input source or source group name where this rule should apply. For example, you can specify the ID of a terminal. The access is allowed only if the user is logged onto that terminal. If you do not specify a source, any input source is valid. Ask your security administrator for a list of valid source group names (optional).
Specifies the name of the shift record on the Infostorage database that applies to this rule entry. It defines valid days, dates, and times that this rule entry is in effect. If you do not specify this parameter, any access the rule indicates is appropriately allowed, logged, or prevented for all days, dates, and times.
Specifies the rule ID of the next rule set to be checked for this access. If
CA ACF2 for VM logonid denies access access to this file or data set based on the rule set environment and access permissions in the original rule,
CA ACF2 for VM logonid proceeds to the rule specified in the NEXTKEY operand for further checking (optional).
Indicates any character string (up to 64 characters) retained with the rule set and formatted when the rule set is decompiled. Your site might have standards for the formatting of this string. Standard CA ACF2 for VM logonid does not use values in the string, but they can be meaningful in your local implementation of CA ACF2 for VM through special program exit checking (optional).
Specifies the last date that this rule entry is valid. Valid input is in the Gregorian date form (mm/dd/yy, dd/mm/yy, or yy/mm/dd), depending the DATE parameter of the OPTS VMO record.
Specifies the program name that accesses the file or volume.
Specifies the ddname that this user must use to access the data set.
Specifies the name of the library that the program must execute out of. (This field is only valid for OS/390 and VSE data sets.)
Specifies the type of access that applies to this user. Valid options are ALLOW (allow the access to the file or volume), LOG (allow the access, but record the event), and PREVENT (do not allow the access). PREVENT is the default.
You can allow, log, or prevent users from having these types of access: WRITE (if allowed, the user can write to the file), READ (if allowed, the user can read the file), and EXECUTE (the user can execute the file).
You can mix the access permissions (ALLOW|LOG|PREVENT) with the access types (WRITE|READ|EXECUTE|ALLOCATE). For example, you can let a user read and execute a file, but not write to it. Do this by specifying: :
WRITE==> P
READ ==> A
EXECUTE==> A
READ also implies EXECUTE.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|