This report generates two types of output, the Data Access Cross-Reference Report and the Resource Cross-Reference Report.
This report reflects all users who have access to the specified data set. You can specify three different formats: The full report, the rule record summary, or both. Samples of both reports follow.
CA ACF2 for z/VM SECURITY - TLCRPTXR - CROSS REFERENCE REPORT - PAGE 1 DATE 06/16/98 (98.168) TIME 11.32 --------------------------------------------------------------------------------------------------------------------------- DATASET: TLCNEWS.SCRIPT RKEY: TLCROZ STORED: 05/17/98-15:25 BY: VMISO LOGONIDS THAT HAVE ACCESS WITHOUT RULES $TLC2VM(NC) TLC2PBMS(NC) TLC2VBM(NC) CICSDVP(SE) DASDMRG(NC,SE) DATAMOVE(NC) DATAMV2(NC) DIRMAINT(NC) DIRMXA(NC) EXCRKE(SE) GABBY(RA) GARLY01(SE) MAINTXA(NC) MAINTXA2(NC) NCSC(NC) OPERATOR(NC) OPRANR(RA) PCEMBC(SE) PCEJBL(SE) QBCICS@(NC,SE) QBDAVDMA(NC) QBISO(SE) QBGRM(NC) QBVMSTT(NC,RA) QB20IDL2(NC) QB20IDL3(SE) QB20IDL6(SE) QB20IDL7(RA) QB20UDK9(SE) BX20T2(NC) BX20T3(SE) BX20T6(SE) BX20T7(RA) BX20T9(SE) RSSVC2(NC) RSSVC22(NC) SEDJSS(SE) SEDMFS(SE) SSERGL(SE) SVNKC(NC) SVNLC2(NC) SVNOED(SE) SVNPVD(RA) SVNPVD2L(RA,SE) SVNLBG(NC) SVNARM3(NC) SVNAPR(NC) SVNROZ(O,SE) TLC0XE(SE) TLCXE9(NC) TLC111(SE) TLC114(NC) TLC139(RA) TSTASFV(SE) TSTDB(NC,RA) TSTADF(SE) TSTADF1(NC) TSTSOI(SE) TSTLML(NC) TSTVLL2(RA) TSTLSFV(SE) TSTGRM(NC) TSTQSFV(SE) TSTMTR(NC) TSTSFV(SE) TSTSVFAW(SE) TSTSVFLQ(SE) TSTSVFQL(SE) TSTSVFWA(SE) TSTSVF31(SE) TSSVFL(NC) TSTTLW2L(NC) TSTWSFV(SE) TST330(RA) USERSC(SE) USERSG(SE) USSMRTX(SE) VMBMAP(SE) VMDSGGRM(NC) VMSOI(SE) VMPO(NC) VMPS5(SE) VSFSOUP(NC,SE) VSFPVD(RA,SE) VSFSRD(SE) VSFPOI(SE) VSFPOI2(SE) VSFSOI(SC) VSFBX2(SE) VSFSSK(SE) VFS2(SE) VTAMANGR(NC) XAGRM(NC) NO RULE MATCHED SPECIFIED DATASET/VOLUME
CA ACF2 for z/VM SECURITY - ACFRPTXR - RULE RECORD SUMMARY - PAGE 1 DATE 06/16/98 (98.168) TIME 11.32 --------------------------------------------------------------------------------------------------------------------------- DATASET KEY: TLCROZ STORED: 05/17/98-15:25 RULE USED, NO %CHANGE DATA LOGONIDS THAT CAN UPDATE THIS RULE CICDPVD(SE) DASDGRM(NC,SE) EXDRKE(SE) GREDY01(SE) PCEBMC(SE) PCEJBL(SE) QBCDIC9(NC,SE) QBSOI(SE) QB20IDL3(SE) QB20IDL6(SE) QB20IDL9(SE) BX20T3(SE) BX20T6(SE) BX20T9(SE) SECSSJ(SE) SECMFS(SE) SSDRGL(SE) SVNOED(SE) SVNPVD2L(RA,SE) TLCROZ(O,SE) TLCXX9(SE) TLC131(SE) TSTASEV(SE) TSTADF(SE) TSTSOI(SE) TSTLSEV(SE) TSTQSEV(SE) TSTSEV(SE) TSTVEASW(SE) TSTVELSQ(SE) TSTVEQSL(SE) TSTVESWA(SE) TSTSEV31(SE) TSTWSEV(SE) USECSR(SE) USEGSR(SE) USSMTRX(SE) VMBMAN(SE) VMSOI(SE) VMPS5(SE) VSFSOUP(NC,SE) VSEPVD(RA,SE) VSFRSD(SE) VSFPOI(SE) VSFPOI2(SE) VSFSOI(SC) VSFBX2(SE) VSFSSK(SE) VFS2(SE)
Lists the data set CA ACF2 for z/VM ran against for this report. Logonids in this report have access to this data.
Lists the last date and time this rule was updated.
Lists the logonids that can update the rule shown in the DATASET KEY field. Reason codes follow the logonid. These reason codes define why these users can update the rule. The report displays this reason code in parentheses immediately after the logonid.
NC
The logonid has the NON-CNCL attribute in the LID.
O
The user's prefix (PREFIX field in the logonid record) matches the high-level index for the file processed. This code is only valid for access rule processing.
RA
This logonid is not cancelable as defined by CA ACF2 for z/VM as long as the file is opened for input only (read only). User has the NON-CNCL and READALL attributes in the logonid record.
SC
The logonid is a scoped security officer whose DSNSCOPE matches the high level index of the file. User has SECURITY and DSNSCOPE or SCPLIST attributes in the logonid record.
SE
The logonid is an unrestricted security officer. User has SECURITY and no DSNSCOPE or SCPLIST attributes in the logonid record.
U
The UID string in the access rule set matches the UID of the user.
The name of the reported data set.
The $KEY value of the reported data set.
The date and time the rule set was last stored.
The logonid of the user who last stored the rule set.
Following is a list of users who have access to the specified rule set. These users do not have the access because of the rule entries, but due to special privileges.
The logonid of the user having access.
Displays individual matching rule entries. Possible fields that can appear in rule entries are shown below.
This report reflects all users who have access to the specified resource. You can specify three different formats: The full report, the rule record summary, or both. Following is a sample of both reports.
CA ACF2 for z/VM SECURITY - TLCRPTXR - CROSS REFERENCE REPORT - PAGE 1 DATE 06/16/98 (98.168) TIME 11.37 ----------------------------------------------------------------------- ---------------------------------------------------- RESOURCE TYPE: GRP RESOURCE NAME: MAINT- RULE KEY: RGRPMANTIXA STORED: 09/29/97-08:20 BY: VNSOI CONTROLS: %CHANGE DATA EXISTS LOGONIDS THAT HAVE ACCESS WITHOUT RULES $TLC2NV(NC) TLC2PSMB(NC) TLC2NBV(NC) CICTPVD(SE) DASDGRM(NC,SE) DATAMOTH(NC) DATMVA2(NC) DIRMOTHT(NC) DIRMAX(NC) EXDRKE(SE) GREAS01(SE) MPTJTXA(NC) MOTHTXA2(NC) NSCC(NC) OPERATOR(NC) PCEMBC(SE) PCEJBL(SE) BXCICT9(NC,SE) BXDAVADM(NC) BXISO(SE) BXMGR(NC) BXVNTST(NC) BX20IDL2(NC) BX20IDL3(SE) BX20IDL6(SE) BX20IDL9(SE) BX20T2(NC) BX20T3(SE) BX20T6(SE) BX20T9(SE) RSCVS2(NC) RSCVS22(NC) SEDSSJ(SE) SEDMFS(SE) SSERGL(SE) SVNKC(NC) SVNLC2(NC) SVNOED(SE) SVNPVD2L(SE) SVNLBG(NC) SVNARM3(NC) SVNPRA(NC) SVNROZ(SE) TLC011(SE) TLC019(NC) TLC111(SE) TLC114(NC) TSTASFV(SE) TSBDT(NC) TSTADF(SE) TSTADRF(NC) TSTSOI(SE) TSTLML(NC) TSTLSFV(SE) TSTGRM(NC) TSTQSFV(SE) TSTMTR(NC) TSTSFV(SE) TSTSVFAW(SE) TSTSFVLQ(SE) TSTSFVQL(SE) TSTSFVWA(SE) TSTSFV31(SE) TSTTWL(NC) TSTTWL2L(NC) TSTWSFV(SE) USECSR(SE) USEGSR(SE) USSMRTX(SE) VNBMAN(SE) VNDSGGRM(NC) VNSOI(SE) VNPO(NC) VNPS5(SE) VSFBACK(NC,SE) VSFPVD(SE) VSFRSD(SE) VSFPOI(SE) VSFPOI2(SE) VSFSOI(SC) VSFBX2(SE) VSFSSK(SE) VFS2(SE) VTAMOTHT(NC) XAGRM(NC) UID(*****SVNKC) ALLOW SVNKC(U,NC) UID(*****SVNLBG) ALLOW SVNLBG(U,NC) SVNLBGVN UID(*****SVNROD) ALLOW SVNROD SVNRODXA SVNROD2
CA ACF2 for z/VM SECURITY - TLCRPTXR - RULE RECORD SUMMARY - PAGE 1 DATE 06/16/98 (98.168) TIME 11.37 ------------------------------------------------------------------------------------------------------------------------------------ RESOURCE KEY: RGRPMAINTXA STORED: 09/29/97-08:20 %CHANGE DATA BEING PROCESSED LOGONIDS THAT CAN UPDATE THIS RULE WITHOUT ANY %CHANGE OR %RCHANGE AAUTHORITY CICTVPD(SE) DASDGRM(NC,SE) EXDKRE(SE) GDPSOI(SC) GROWL01(SE) PCEMBC(SE) PCEJBL(SE) BXCICT9(NC,SE) BXSOI(SE) BX20IDL3(SE) BX20IDL6(SE) BX20IDL9(SE) BX20T3(SE) BX20T6(SE) BX20T9(SE) SEDSSJ(SE) SEDMFS(SE) SSERGL(SE) SVNOED(SE) SVNPVD2L(SE) SVNROZ(SE) TLC011(SE) TLC111(SE) TSTASFV(SE) TSTADF(SE) TSTSOI(SE) TSTLSFV(SE) TSTQSFV(SE) TSTSFV(SE) TSTSFVAW(SE) TSTSFVLQ(SE) TSTSFVQL(SE) TSTSFVWA(SE) TSTSFV31(SE) TSTWSFV(SE) USECSR(SE) USEGSR(SE) USSSOI(SC) USSMRTX(SE) VNBMAN(SE) VNSOI(SE) VNPS5(SE) VSFBACK(NC,SE) VSFPVD(SE) VSFRSD(SE) VSFPOI(SE) VSFPOI2(SE) VSFSOI(SC) VSFBX2(SE) VSFSSK(SE) VFS2(SE) %CHANGE *****SVNROD SVNROD SVNRODXA SVNROD2 ------------------------------------------------------------------------------------------------------------------------------------ RESOURCE KEY: RGRPMOTHTXA2 STORED: 07/27/97-16:30 %CHANGE DATA BEING PROCESSED LOGONIDS THAT CAN UPDATE THIS RULE WITHOUT ANY %CHANGE OR %RCHANGE AUTHORITY CICTPVD(SE) DASDGRM(NC,SE) EXDKRE(SE) GDPSOI(SC) GROWL01(SE) PCEBMC(SE) PCEJBL(SE) BXCICT9(NC,SE) BXSOI(SE) BX20IDL3(SE) BX20IDL6(SE) BX20IDL9(SE) BX20T3(SE) BX20T6(SE) BX20T9(SE) SEDSSJ(SE) SEDMFS(SE) SSERGL(SE) SVNOED(SE) SVNPVD2L(SE) SVNROZ(SE) TLC011(SE) TLC111(SE) TSTASFV(SE) TSTADF(SE) TSTSOI(SE) TSTLSFV(SE) TSTQSFV(SE) TSTSFV(SE) TSTSFVAW(SE) TSTSFVLQ(SE) TSTSFVQL(SE) TSTSFVWA(SE) TSTSFV31(SE) TSTWSFV(SE) USECSR(SE) USEGSR(SE) USSSOI(SC) USSMTGX(SE) VNBMAN(SE) VNSOI(SE) VNPS5(SE) VSFBACK(NC,SE) VSFPVD(SE) VSFRSD(SE) VSFPOI(SE) VSFPOI2(SE) VSFSOI(SC) VSFBX2(SE) VSFSSK(SE) SFV2(SE) %CHANGE *****SVNROD SVNROD SVNRODXA SVNROD2
Lists the data set this report was run against. Logonids in this report have access to this data.
Lists the last date and time this rule was updated.
Lists the logonids that can update the rule shown in the DATASET KEY field. Reason codes follow the logonid. These reason codes define why these users can update the rule. This report displays this reason code in parentheses immediately after the logonid.
NC
The logonid has the NON-CNCL attribute in the logonid record.
O
The user's prefix (PREFIX field in the logonid record) matches the high level index for the file processed. This code is only valid for access rule processing.
RA
This logonid is not cancelable as defined by CA ACF2 for z/VM as long as the file is opened for input only (read only). User has the NON-CNCL and READALL attributes in the logonid record.
SC
The logonid is a scoped security officer whose DSNSCOPE matches the high level index of the file. User has SECURITY and DSNSCOPE or SCPLIST attributes in the logonid record.
SE
The logonid is an unrestricted security officer. User has SECURITY and no DSNSCOPE or SCPLIST attributes in the logonid record.
U
The UID string in the access rule set matches the UID of the user.
The three-character resource type.
The name of the resource.
The $KEY value of the resource.
The date and time the rule set was last stored.
The logonid of the user who last stored the rule set.
The control cards in this rule set.
The logonids of users who have access to this resource due to special logonid privileges.
Reflects the rule entry that allows access to the resource. The next line contains all the UIDs that have access due to this rule entry.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|