Previous Topic: DELETE SubcommandNext Topic: X-RGP Record Samples

Maintaining Cross-Reference RecordsX-SGP Record Samples

X-SGP Record Samples

Suppose a site has terminals that are defined as LVxx where xx is a number from 00 to 99. The security administrator wants to ensure that users access a data set only from terminals LV20 through LV30 with the exception of terminal LV25. No one should use LV25 to access the data set. The security administrator needs to insert an X‑SGP record as follows:

acf
 ACF
set x(sgp)
 XREF
insert lterms source include(lv2*,lv30) exclude(lv2,lv25)
LTERMS

Is the record name. The record ID is the name that the security administrator assigns to this group of terminals.

LV2*

Is the masked ID that matches any existing terminal ID that begins with the characters LV2.

If this site also has terminals defined as LV2A, LV2B, LV2X and so forth, and the security administrator wants to restrict access, the situation is more complicated because LV2A, LV2B, and LV2X match the criteria specified in the above insert example. In this case, the only way to accomplish inclusion of the proper terminals is to specify the following:

acf
 ACF
set x(sgp)
 XREF
insert lterms source include(lv20,lv21,lv22,lv23,lv24,lv26,lv27,lv28,lv29,lv30)

Now suppose that the security administrator creates an X‑SGP record for a group of terminals and gives it the record ID LTERMS. And he creates another X‑SGP record for a different group of terminals called DTERMS. To let some users have access to both LTERMS and DTERMS terminals, he can insert an X‑SGP record as follows:

acf
 ACF
set x(sgp)
 XREF
insert groupa group include(lterms,dterms)
GROUPA

Is the record name of this X‑SGP record, which is the name of the set of X‑SGP records to which this X‑SGP record is cross‑referenced

LTERMS

Is the record name of the individual X‑SGP records that belong to this set of
X‑SGP records identified as GROUPA

DTERMS

Is the record name of the individual X‑SGP records that belong to this set of
X‑SGP records identified as GROUPA.

The security administrator must specify LTERMS in the SOURCE field of the data set access rule entry to refer to users who access the data set from the LTERMS group of terminals and DTERMS in the SOURCE field of the data set access rule entry to refer to users who can access the data set from the DTERMS group of terminals. Also, the security administrator must specify GROUPA in the SOURCE field of the data set access rule entry to refer to users who are permitted access to the data set from both terminal groups (LTERMS and DTERMS).