|
|
|
Authorization stage codes for security database administration events describe at which stage CA Access Control decided what action to take for the security database administration event.
The following codes apply to this event type:
300—Undefined CA Access Control user
301—An attempt to delete last ADMIN user
302—An attempt to delete user root
303—User trying to change their own password
304—Nonauditor user trying to set audit mode
305—Command allowed for ADMIN user
306—Showuser (myself) , Showxusr allowed
307—User trying to set categories they do not have
308—User trying to set a security-label they do not have
309—User trying to set security-level greater than the user's own
310—NonADMIN user trying to set user-mode
311—Command allowed for object owner
312—Native file owner can define it to CA Access Control
313—Command allowed for a GROUP-ADMIN user
314—GROUP-ADMIN user can join/join- to group
315—GROUP-AUDITOR/ADMIN can list the group
316—An auditor can list any object
317—An OPERATOR can list any object
318—A GROUP-AUDITOR can list objects in group scope
319—A GROUP-OPERATOR can list objects in group scope
320—Command allowed for CLASS-ADMIN user
321—Command allowed for PWMANAGER/ADMIN with access
322—There is no rule allowing this operation
324—User changing their own password using sepass
326—User created 'Login Information' for themselves
327—Command allowed for GROUP-PWMANAGER
329—A PWMANAGER enabled a user
330—Command allowed for DOMAIN change
331—Command allowed for PWMANAGER
332—Changing native flags allowed for PWMANAGER
333—Changing 'must change password next logon' attribute is allowed for PWMANAGER
334—Command allowed for GROUP-PWMANAGER
335—Editing 'Login Information' is allowed for PWMANAGER
336—Command allowed for auditor user
337—Failed to reconcile command with database information
338—Creating a command from an implicit request
339—SEOS_syscall module unload readiness check
| Copyright © 2012 CA. All rights reserved. |
|