Structured infostorage records for ACFSERVE privileges now controls the ACFSERVE command. These records are similar to the VMO records. This section describes ACFSERVE privilege records and how to define them.
To define ACFSERVE privilege records, issue the SET CONTROL(ACFSERVE) subcommand of ACF. You can abbreviate this subcommand to a minimum of SET C(ACFS). ACFSERVE privilege records can override the default ACFSERVE authorizations and loggings CA ACF2 for VM supplies.
ACFSERVE privilege records are optional and you do not have to define them. You need these records only if you override the CA ACF2 for VM default authorizations. You can make changes to the ACFSERVE privilege records active dynamically with an ACFSERVE command.
The following is an example of an ACFSERVE privilege record:
ABC1 / RESET LAST CHANGED BY ADMISO ON 07/01/92‑14:52
AUTH(ACCOUNT SECURITY) AUTLOGIC(OR) LOG SCOPED
Each ACFSERVE privilege record consists of three components: the SYSID, the record name, and the record fields. In the above example,
Represents the SYSID associated with the ACFSERVE privilege record.
Represents the record name. This record defines the privileges for the ACFSERVE RESET command.
The data on the second line represents the actual record fields and their contents.
Specifies the authorization (logonid privilege) necessary to issue the specified command. Our example specifies ACCOUNT SECURITY.
Specifies that a logonid with the ACCOUNT or SECURITY privilege can issue the ACFSERVE RESET command.
Indicates that a scoped security administrator can also issue the command.
Indicates that CA ACF2 for VM writes an SMF record to log the command.
All ACFSERVE privilege records contain the same record fields. You must define separate records for each ACFSERVE command you need to override.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|