Implement Security with CA Top Secret

The following sample definitions are for users running under CA Top Secret. The actual implementation in your environment may differ from these templates.

To implement security with CA Top Secret

  1. Define the new resource class to the CA Top Secret Resource Descriptor Table (RDT). For example:
    TSS ADD(RDT) RESCLASS($LSRVDSN) RESCODE(02) ATTR(LONG,DEFPROT) -
                 ACLST(CONTROL) DEFACC(CONTROL)
    

    Note: For more information about the command syntax and features, see the CA Top Secret Reference Guide.

  2. Protect your data sets using the $LSRVDSN resource class.

    One approach is to issue commands to define the data sets that are under the control of CA‑L‑Serv:

    TSS ADDTO(owner_acid) $LSRVDSN(prefix1)
    TSS ADDTO(owner_acid) $LSRVDSN(prefix2)
    

    An alternative approach is to define a pseudo data set named 'ALL' that stands for all the data sets under CA‑L‑Serv control:

    TSS ADDTO(owner_acid) $LSRVDSN(all)
    
  3. Permit the users access to the CA‑L‑Serv data sets.

    Once the resources are protected, issue PERMIT commands to permit users access to these data sets using the $LSRVDSN resource class:

    TSS PERMIT(user_acid1) $LSRVDSN(dsname1) ACCESS(CONTROL)
    TSS PERMIT(user_acid1) $LSRVDSN(dsname2) ACCESS(CONTROL)
    TSS PERMIT(user_acid2) $LSRVDSN(dsname1) ACCESS(CONTROL)
    

    This can also be achieved using a generic prefix:

    TSS PERMIT(user_acid)  $LSRVDSN(prefix.) ACCESS(CONTROL)
    

    Optionally, users may be permitted access to the 'ALL' resource:

    TSS PERMIT(user_acid1) $LSRVDSN(all) ACCESS(CONTROL)
    TSS PERMIT(user_acid2) $LSRVDSN(all) ACCESS(CONTROL)
    
  4. Define CA‑L‑Serv to CA Top Secret.

    A user ID must be created for CA‑L‑Serv so it has access to its data sets. To do this, specify:

    TSS CREATE(lserv_acid) TY(USER) DEPT(deptname) FAC(STC) -
        NAME('name') PASS(NOPW,0) NOSUBCHK
    
  5. Permit CA‑L‑Serv access to data sets.

    CA‑L‑Serv must be given authority to access its data sets using the PERMIT command:

    TSS PERMIT(lserv_acid) DSN(dsname1) ACCESS(CONTROL)
    TSS PERMIT(lserv_acid) DSN(dsname2) ACCESS(CONTROL)
    

    This permission can also be achieved using a generic prefix:

    TSS PERMIT(lserv_acid) DSN(prefix.) ACCESS(CONTROL)
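
Step 3 assumes the resources were already protected in step 2. The following added example (not part of the CA documentation) reviews a command deck offline and reports any $LSRVDSN PERMIT that no preceding ADDTO covers. The sample ACIDs and data set names are constructed, and the leading-prefix matching rule is an assumption of this sketch.

```python
import re

# Constructed sample deck modelled on steps 2, 3 and 5; the ACIDs and
# data set names are placeholders, not values from a real system.
SAMPLE_DECK = """\
TSS ADDTO(SECADM) $LSRVDSN(PROD.LSERV)
TSS ADDTO(SECADM) $LSRVDSN(ALL)
TSS PERMIT(USERA) $LSRVDSN(PROD.LSERV.FILE1) -
    ACCESS(CONTROL)
TSS PERMIT(USERB) $LSRVDSN(PROD.LSERV.) ACCESS(CONTROL)
TSS PERMIT(USERB) $LSRVDSN(ALL) ACCESS(CONTROL)
TSS PERMIT(USERC) $LSRVDSN(TEST.LSERV.FILE9) ACCESS(CONTROL)
TSS PERMIT(LSERV) DSN(PROD.LSERV.) ACCESS(CONTROL)
"""

CMD = re.compile(r"TSS\s+(ADDTO|PERMIT)\((\S+?)\)\s+\$LSRVDSN\((\S+?)\)", re.I)

def join_continuations(text):
    """Merge lines ending in the '-' continuation character into one command."""
    commands, pending = [], ""
    for line in text.splitlines():
        line = line.strip()
        if line.endswith("-"):
            pending += line[:-1].rstrip() + " "
        elif pending or line:
            commands.append(pending + line)
            pending = ""
    if pending:
        commands.append(pending.rstrip())
    return commands

def audit(text):
    """Return (owned, uncovered): the $LSRVDSN entries defined by ADDTO and
    the PERMITs issued before any owned entry covered their resource."""
    owned, uncovered = [], []
    for cmd in join_continuations(text):
        m = CMD.match(cmd)
        if not m:
            continue  # other commands, e.g. the DSN() permits of step 5
        verb, acid, res = (g.upper() for g in m.groups())
        # Assumption: an owned entry covers every name that starts with it.
        if verb == "ADDTO":
            owned.append(res)
        elif not any(res.startswith(p) for p in owned):
            uncovered.append((acid, res))
    return owned, uncovered

if __name__ == "__main__":
    owned, uncovered = audit(SAMPLE_DECK)
    print("owned:", owned)
    for acid, res in uncovered:
        print(f"PERMIT({acid}) $LSRVDSN({res}) has no preceding ADDTO")
```

The check is order-sensitive, so a PERMIT that appears in the deck before its ADDTO is reported as well.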