Previous Topic: Adding Rule Entries for OS/390 or VSE Data SetsNext Topic: Displaying an Access Rule

Maintaining Access Rules with the Full-Screen FeatureAdding Rule Set %CHANGE Information

Adding Rule Set %CHANGE Information

To see this screen, press Enter after you have viewed the Add Rule Entry for a VM Minidisk or Add Rule Entry for MVS/VSE Data Sets screens. Use this screen to grant authority to users so that they can make changes to the specified rule set.

M9PA‑2130   Add Rule Set %CHANGE Information (2.1.3)       CA ACF2 for VM 
COMMAND ===> ____________________________________________________________
                                                               TIME 17:12
 Rulekey  : _________
 
 UIDs allowed to change full ruleset (%CHANGE):    Entry ___ of ___
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 
 UIDs allowed to change rule entries only (%RCHANGE): Entry ___ of ___
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 ==> ________________________  ==> ________________________
 
 
PF1=Help       2=Print       3=Quit       4=Return      5=          6=         
PF7=Backward   8=Forward     9=Director   10=Previous   11=Next     12=Retrieve

Following is a brief description of the fields on this screen.

Rulekey

Specifies the key of the rule set. Normally, the rulekey is the ID of a VM user who has one or more MDISKs specified in the VM directory under his user entry. In most cases, this is also the user's CA ACF2 for VM logonid logonid. The rulekey can also be the high‑level qualifier of an OS/390 or VSE data set. The rule ID can be up to eight characters long. You cannot mask this field.

UIDS allowed to change full rule set (%CHANGE)

Specifies the UIDs of users with full change authority. These users can make changes to the specified rule set. This control statement indicates who (besides the data owner or security administrator) can replace a particular set of rules. A security administrator can compile a rule set with only $KEY and %CHANGE control statements, establishing a base rule set to distribute rule writing permissions.

UIDS allowed to change rule entries only (%RCHANGE)

Specifies the UIDs of users who have limited change authority. These users can make rule entries, but cannot delegate the same authority to anyone else. The designated users cannot change control statements. They cannot further delegate change authority or delete the rule set. If the same user matches entries in both %CHANGE and %RCHANGE, the higher authority (%CHANGE) is in effect for that user (optional).

Entry ___ of ___

Indicates the %CHANGE and %RCHANGE UIDs listed first for this screen and the total number of %CHANGE and %RCHANGE entries found.

Use your backward and forward PF keys to add additional entries.