Authorization stage codes for security database administration events describe at which stage CA ControlMinder decided what action to take for the security database administration event.
The following codes apply to this event type:
300—Undefined CA ControlMinder user
301—An attempt to delete last ADMIN user
302—An attempt to delete user root
303—User trying to change their own password
304—Nonauditor user trying to set audit mode
305—Command allowed for ADMIN user
306—Showuser (myself) , Showxusr allowed
307—User trying to set categories they do not have
308—User trying to set a security-label they do not have
309—User trying to set security-level greater than the user's own
310—NonADMIN user trying to set user-mode
311—Command allowed for object owner
312—Native file owner can define it to CA ControlMinder
313—Command allowed for a GROUP-ADMIN user
314—GROUP-ADMIN user can join/join- to group
315—GROUP-AUDITOR/ADMIN can list the group
316—An auditor can list any object
317—An OPERATOR can list any object
318—A GROUP-AUDITOR can list objects in group scope
319—A GROUP-OPERATOR can list objects in group scope
320—Command allowed for CLASS-ADMIN user
321—Command allowed for PWMANAGER/ADMIN with access
322—There is no rule allowing this operation
324—User changing their own password using sepass
326—User created 'Login Information' for themselves
327—Command allowed for GROUP-PWMANAGER
329—A PWMANAGER enabled a user
330—Command allowed for DOMAIN change
331—Command allowed for PWMANAGER
332—Changing native flags allowed for PWMANAGER
333—Changing 'must change password next logon' attribute is allowed for PWMANAGER
334—Command allowed for GROUP-PWMANAGER
335—Editing 'Login Information' is allowed for PWMANAGER
336—Command allowed for auditor user
337—Failed to reconcile command with database information
338—Creating a command from an implicit request
339—SEOS_syscall module unload readiness check
340—Command allowed for ADMIN group
341—Command allowed for AUDITOR group
342—Command allowed for OPERATOR group
343—Command allowed for PWMANAGER group
344—Command allowed for SERVER group
Copyright © 2013 CA Technologies.
All rights reserved.
|
|