A filter file consists of lines, each with six fields. The fields contain information on:
For example, READ or MODIFY
For example, AC or native
For example, USER or TERMINAL
For example, User1, AuditGroup, or TTY1
For example, OWNER and FULL_NAME in the filter line means that any command having those properties is filtered. You must enter each property exactly as it appears in the Reference Guide.
PASS or NOPASS
The following rules apply to each line in the filter file:
Example: Filter file
The following example describes a line from a filter file:
CREATE |
AC |
USER |
* |
FULL_NAME;OBJ_TYPE |
NOPASS |
---|---|---|---|---|---|
form of access |
environment |
class |
record name |
properties |
treatment |
In this example, if we name the file with this line TTY1_FILTER and edit the pmd.ini file for PMDB TTY1 so that filter=/opt/CA/AccessControl/TTY1_FILTER, then PMDB TTY1 will not propagate to its subscribers any records that create new users with the FULL_NAME and OBJ_TYPE property.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|