When you enable the MUF, external security is called to determine the security status. The first determination made is the level of security that you are running. When CA Datacom implements new security features, it does so by implementing a new level of security in the DTSYSTEM resource class. The current highest level of support is LEVEL05. All other levels, that is levels 01 through 04, are still supported, but we recommend that you implement security at the highest supported level, that is, LEVEL05. Each higher level supports all the features contained in lower levels and new features.
A level consists of a pair of resource names in the DTSYSTEM resource class. The resource names are ACTIVATE.LEVELnn.PASS and ACTIVATE.LEVELnn.FAIL. A check is made at Multi-User startup for LEVEL05 using the user ID associated with the MUF. If access is allowed to the PASS resource and access is denied for the FAIL resource, the level is considered in force and further checks are made based on the level. If either of these is not true, CA Datacom/DB checks the PASS/FAIL resources at the next level, in this case level 04, until it either finds the correct combination or it exhausts all the levels.
All the following documentation pertains to the complete set of features available at level 05. Following is a list of features that are available at lower levels.
Is the same as level 05, except CA Dataquery path security is not checked for or allowed.
Is the same as level 04, except that view security is not checked for or allowed.
Is the same as level 03, except that the number of paths recognized is two:
Only two table classes are available at this level: DTTABLE and DXTABLE.
Is the same as level 02 except all paths are treated equally using DTTABLE for table access. External security for all of CA Datacom/DB is enabled by denying permission to DTSYSTEM resource cxxname.DB.
Note: XCF cannot be externally secured at level 01.
Before the appropriate level permissions are set, it is important that all desired information is stored in the other resource classes. That is, review the DTADMIN, the DCTABLE and DTUTIL classes and add required entries before securing the Directory with the DTSYSTEM resource.
|
Copyright © 2014 CA.
All rights reserved.
|
|