To add a new user, begin by selecting the USERS option from the Administrative Menu, or typing USERS on the command line and pressing Enter. CA Dataquery then displays the Directory of CA Dataquery Users panel. To add a user, press <PF3> ADD. CA Dataquery displays the User Table as follows. Input the appropriate values for the new user. Each field is explained on the following pages.
User Table Maintenance (DQUU0)
=> Enter the user information and press the appropriate PF key ------------------------------------------------------------------------DQUU0 DATAQUERY: USER TABLE MAINTENANCE ----------------------------------------------------------------------------- USER NAME : PASSWORD : GROUPS: ACCOUNTING CODE : LEVEL 1: QUERY LANGUAGE : LEVEL 2: PRIVATE SQL AUTHID : LEVEL 3: DQ SYSTEM STATUS. DATA AUTHORIZED : ASSOCIATE USER : PERSONAL DATABASE : SUBMIT ALLOWED : EXPORT ALLOWED : : SQL AND DQL ALLOWED : SQL DATA DEF ALLOWED : SQL DATA MAINT ALLOWED : SYSTEM ADMINISTRATIVE MENU ITEMS AUTHORIZED FOR. CONDITIONS : RESTRICTIONS : PRINTER CONTROL : JCL MAINTENANCE : DIAGNOSTICS : LANGUAGE : USER MAINTENANCE : SAVED SET MAINT : QUERY LIBRARY MAINT : SECURITY : ACTIVE USER CONTROL : ----------------------------------------------------------------------------- <PF1> HELP <PF2> RETURN <PF3> ADD <PF4> ADDITIONAL OPTIONS
Panel Description
Default values appear on the User Table Maintenance panel and can be changed. Other options relating to overriding system defaults are also available by pressing <PF4> ADDITIONAL OPTIONS. When changes are complete, press <PF3> ADD to add the user.
(Required) Enter a unique 1- to 32-character alphanumeric user name. (The length must not exceed the PERSON entity name length in CA Datacom Datadictionary. See your Security Administrator for this length. Each CA Dataquery user has a matching PERSON entity-occurrence in CA Datacom Datadictionary that is generated automatically by CA Dataquery.)
(Optional) Enter a 1- to 9-character alphanumeric password. This field is used to assign an individual user password.
(Optional) Specify the CA Datacom/DB accounting code to be used with CA Datacom/DB accounting for CA Dataquery. See your Database Administrator for this information.
(Required) Analyze the language needs of your site. You can authorize use of SQL, DQL Language, or both. Since DQL Mode has security controls that SQL Mode does not offer, and vice versa, you need to ensure that users are authorized for the mode best suited to their job functions and that appropriate CA Datacom/DB security measures are implemented. The CA Dataquery Administrator specifies the query language when he adds or updates a user and designates if a user can switch between modes. You decide which users are allowed to perform SQL Data Definition statements and Data Maintenance statements, and which statements that the user is authorized to use when adding or updating a user.
SQL if SQL or DQL, the default, if DQL Language is authorized for this user. YES in the SQL AND DQL ALLOWED field authorizes the user to both query languages.
(Required if language authorized for this user is SQL, or if the user is authorized to use both SQL and DQL Language, or if personal database is authorized for this user.) Enter a 1- to 18-character authorization ID. This is the user's default authorization ID for personal database and for all SQL Mode. See the CA Datacom/DB SQL User Guide for further information.
Note: If a user changes his SQL authorization ID either by the PROFILE or AUTHID command, it changes only on the user profile, not on the User Table Maintenance. Therefore, if a user creates a table in PDB, his private SQL authorization ID will be attached to the table name regardless of the authid he was using when he created the table. When the DISPLAY or LIST, EXECUTE or CREATE functions are used, the profile authid is used by CA Dataquery.
(Optional) Enter a valid 1- to 15-character alphanumeric group level 1 name for CA Dataquery security control. See Assigning Group Levels for more information.
(Optional) Enter a valid 1- to 15-character alphanumeric group level 2 name as specified in CA Dataquery security control. If you enter a group level 2 name, you must also enter a group level 1 name. See Assigning Group Levels for more information.
(Optional) Specify a valid 1- to 15-character alphanumeric group level 3 name as specified in CA Dataquery security control. If you enter a group level 3 name, you must also enter a group level 1 and a group level 2 name. See Assigning Group Levels for more information.
CA Dataquery System Status
(Required) (Applies to DQL Mode only.) Authorizes the user to read-only access to all data available to CA Dataquery.
Y (yes), you allow the user read-only access to data. CA Dataquery does not perform any data security check. (External security and Database security will be applied to table access.)
N (no), the default, CA Dataquery qualifies this user's access to data by the data authorizations specified in security control. However, Conditions and Restrictions and profile codes are applied to the appropriate table. See Securing Data Access for DQL Use and Limiting Access to Columns and Rows for more information.
(Required) Decide whether to authorize each user as a associate user thereby limiting the user's ability to query the database. A associate user can only run queries created by others and cannot create or maintain queries. If you do not designate the user as an associate user, CA Dataquery assigns conventional user authorization to that user.
Note: A conventional user can create and edit queries.
Y (yes) specifies that this user can only perform associate user tasks.
N (no), the default, does not limit this user to associate user tasks. This enables this user to create and edit queries, view database information, use commands, and so on.
(Required) A user who has a need to create tables using the data retrieved by a query for his own use for forecasting is a good candidate for authorization of the Personal database facility. Both DQL Mode and SQL Mode users can be authorized for Personal database, but SQL must be installed at your site to use the Personal database facility. You specify which users can use personal tables and the area of the database where the tables are to be stored when adding or updating a user in CA Dataquery.
Y (yes) if this user is allowed to create and maintain personal tables using the personal database facility. This authorizes a user to create personal tables within his PRIVATE SQL authorization ID (schema) for his individual use. (See Using Schemas for more information.) Specify the area of the database where personal tables are to be stored on the Override System Defaults panel. See Overriding System Defaults for more information.
N (no), the default, prohibits the user from using the personal database facility.
(Required) Most queries are executed using online CA Dataquery. However, your site might choose to submit long-running queries to batch CA Dataquery to make better use of your system resources. Determine which users have a need to submit batch queries and authorize them to do so.
Batch CA Dataquery can also be initiated from other software packages. You can secure batch CA Dataquery in this type of environment by using security packages like CA ACF2 and optionally, by use of the Batch Signon Exit.
Indicate whether this user is allowed to submit batch queries from online CA Dataquery.
Y (yes), the default, permits the submission of batch queries
N (no) does not.
(Required) CA Dataquery provides the capability to build a batch export file whereby data accessed from the database is exported and saved on a sequential file for later use. A user's need for this capability is directly related to his job responsibilities. A data entry clerk most likely will not need to export data to fulfill a customer order. However, a systems programmer might need to export data to test complex queries or to compile statistics. The exported data is in either comma separated value format which can be accessed by a personal computer for those users with that specific need or fixed-length record format.
Note: You might want to consider limiting the use of the Export capability.
Y (yes), the default, allows the user to export data. This user is permitted to build a CA Dataquery batch export file whereby data accessed from the database is exported and saved for later use. It allows the user to use the EXPORT command while using batch CA Dataquery.
N (no) prohibits the user from exporting data.
(Optional)
Y (yes) to allow this user to change query languages on his profile.
N (no), the default, restricts the user from changing to the alternate language and restricts him to one query language.
(Optional) Consider limiting the use of SQL Data Definition to the CA Dataquery Administrator. This authorization can easily be misused and affect data integrity. Specify N for both SQL Data Definition and SQL Data Maintenance to limit the user to creating only SQL queries using the SELECT statement keywords.
Y (yes) to allow this user to use SQL Data definition statements.
N (no), the default, restricts the user from using CREATE, COMMENT ON, and DROP statements.
(Optional) Consider limiting the use of SQL Data Maintenance to the CA Dataquery Administrator. This authorization can easily be misused and affect data integrity. Specify N for both SQL Data Maintenance and SQL Data Definition fields to limit the user to creating only SQL queries using the SELECT statement keywords.
Y (yes) to allow this user to use SQL Data maintenance statements.
N (no), the default, restricts the user from using INSERT, UPDATE, and DELETE.
Y (yes) to allow this user to create, view, delete, or edit a condition.
N (no), the default, restricts this user from the CONDITIONS option on the Administrative Menu.
Y (yes) if this user is to have the administrative ability to create, delete, view, or edit a restriction.
N (no), the default, denies the user access to the RESTRICTIONS option on the Administrative Menu.
Y (yes) permits this user to start, stop, restart, and cancel spooled print jobs.
N (no), the default, restricts access to these spooled print job functions using the PRINTER CONTROL option on the Administrative Menu.
Y (yes) if this user is to create, delete, view, or edit a CA Dataquery JCL member.
N (no), the default, restricts this user from creating, modifying, or deleting a JCL member using the JCL option on the Administrative Menu.
Y (yes) to permit this user to request a CA Dataquery Request Table and/or a storage dump in the form of a transaction dump or a module dump.
N (no), the default, restricts the user from requesting a CA Dataquery Request Table or a storage dump through the DIAGNOSTICS option on the Administrative Menu.
Y (yes) if the user is to translate, edit, delete, or display CA Dataquery panels, the bulletin board, program literals, and vocabulary terms to another language.
N (no), the default, restricts access to the LANGUAGE option on the Administrative Menu.
Y (yes) if this user is to have the administrative function of adding, deleting, and maintaining users, as well as access to active users, passwords, and other users' profiles.
N (no), the default, prohibits this user from viewing and/or accessing the USERS option on the Administrative Menu. If a user is authorized for User Maintenance, that user cannot change his own authorization to N (no). :nt text='Caution'. Any user with authorization for this function has the ability to authorize anyone to perform administrative functions. Take care when deciding who and how many users may have this authority as this is a key to security.
Y (yes) to allow the creation, deletion, or modification of a set.
N (no), the default, prohibits access to set definitions using SETS on the Administrative Menu.
Y (yes) if you wish this user to create, maintain, execute, and/or submit queries listed on the Admin Directory of Queries and Terms panel.
N (no), the default, does not allow this user to select the LIBRARY option on the Administrative Menu.
Y (yes) if the user is to relate users to a table, tables to a user, or profile codes to a user. This field authorizes this user record and field security control functions.
N (no), the default, restricts this user from performing security control functions.
Y (yes), if this user is to have the administrative function of creating and sending messages, forcing another user off CA Dataquery, and cancel query processing during FIND.
Note: An administrator with user maintenance authority automatically has active user control authority but an administrator with active user control authority only may not add, update, or delete users or passwords, or view other users profiles.
N (no), restricts the user from active user administrative functions.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|