Previous Topic: Enable STOPNext Topic: Protecting System Devices


Defining Day and Time Access Rules for Resources

CA ControlMinder can restrict TERMINAL access, SURROGATE requests, and user‑defined resources:

You can specify day‑of‑week and time‑of‑day restrictions for resource access. You can protect against substitution requests to highly authorized users outside work hours. You can implement restrictions for any protected resource, including user‑defined abstract classes that are used for implementing in‑house applications.

Example: day and time restrictions

The following rule completely disables the terminal ws3 on weekends and outside the 08:00‑19:00 time period every day:

chres TERMINAL ws3 restrictions(days(weekdays) time(0800:1900))

No login request from that station is accepted outside these periods.

Example: restrict substitution requests

User AcctMgr is the Accounting Manager, who is allowed to perform financial transactions. You restrict AcctMgr login to work hours and weekdays only. Intruders or unauthorized personnel may try to access the account of AcctMgr by invoking the command su AcctMgr. The following command makes it impossible to substitute the user name to AcctMgr outside the specified period:

chres SURROGATE USER.AcctMgr restrictions(days(weekdays) time(0800:1900))