To add a new user, begin by selecting the USERS option from the Administrative Menu, or typing USERS on the command line and pressing Enter. CA Dataquery then displays the Directory of CA Dataquery Users panel. To add a user, press <PF3> ADD. CA Dataquery displays the User Table as follows. Input the appropriate values for the new user. Each field is explained on the following pages.
User Table Maintenance (DQUU0)
=> Enter the user information and press the appropriate PF key --------------------------------------------------------------------------DQUU0 DATAQUERY: USER TABLE MAINTENANCE ------------------------------------------------------------------------------- USER NAME : PASSWORD : GROUPS: ACCOUNTING CODE : LEVEL 1: QUERY LANGUAGE : LEVEL 2: PRIVATE SQL AUTHID : LEVEL 3: DQ SYSTEM STATUS. DATA AUTHORIZED : ASSOCIATE USER : PERSONAL DATABASE : SUBMIT ALLOWED : EXPORT ALLOWED : EMAIL ALLOWED : SQL AND DQL ALLOWED : SQL DATA DEF ALLOWED : SQL DATA MAINT ALLOWED : SYSTEM ADMINISTRATIVE MENU ITEMS AUTHORIZED FOR. CONDITIONS : RESTRICTIONS : PRINTER CONTROL : JCL MAINTENANCE : DIAGNOSTICS : LANGUAGE : USER MAINTENANCE : SAVED SET MAINT : QUERY LIBRARY MAINT : SECURITY : ACTIVE USER CONTROL : ------------------------------------------------------------------------------- <PF1> HELP <PF2> RETURN <PF3> ADD <PF4> ADDITIONAL OPTIONS
Panel Description
Default values appear on the User Table Maintenance panel and can be changed. Other options relating to overriding system defaults are also available by pressing <PF4> ADDITIONAL OPTIONS. When changes are complete, press <PF3> ADD to add the user.
(Required) Enter a unique 1- to 32-character alphanumeric user name. (The length must not exceed the PERSON entity name length in CA Datacom Datadictionary. See your Security Administrator for this length. Each CA Dataquery user has a matching PERSON entity-occurrence in CA Datacom Datadictionary that is generated automatically by CA Dataquery.)
(Optional) Enter a 1- to 9-character alphanumeric password. This field is used to assign an individual user password.
(Optional) Specify the CA Datacom/DB accounting code to be used with CA Datacom/DB accounting for CA Dataquery. See your Database Administrator for this information.
(Required) Analyze the language needs of your site. You can authorize use of SQL, DQL Language, or both. Since DQL Mode has security controls that SQL Mode does not offer, and vice versa, ensure that users are authorized for the mode best suited to their job functions and that appropriate CA Datacom/DB security measures are implemented. The CA Dataquery Administrator specifies the query language when they add or update a user and designates if a user can switch between modes. You decide which users are allowed to perform SQL Data Definition statements and Data Maintenance statements, and which statements that the user is authorized to use when adding or updating a user.
SQL if SQL or DQL, the default, if DQL Language is authorized for this user. YES in the SQL AND DQL ALLOWED field authorizes the user to both query languages.
(Required if language authorized for this user is SQL, or if the user is authorized to use both SQL and DQL Language, or if personal database is authorized for this user.) Enter a 1- to 18-character authorization ID. This is the default authorization ID of the user for personal database and for all SQL Mode. For more information, see the CA Datacom/DB SQL User Guide.
Note: If a user changes their SQL authorization ID either by the PROFILE or AUTHID command, it changes only on the user profile, not on the User Table Maintenance. Therefore, if a user creates a table in PDB, their private SQL authorization ID is attached to the table name regardless of the authid they were using when they created the table. When the DISPLAY or LIST, EXECUTE or CREATE functions are used, CA Dataquery uses the profile authid.
(Optional) Enter a valid 1- to 15-character alphanumeric group level 1 name for CA Dataquery security control. For more information, see Assigning Group Levels.
(Optional) Enter a valid 1- to 15-character alphanumeric group level 2 name as specified in CA Dataquery security control. If you enter a group level 2 name, you must also enter a group level 1 name. For more information, see Assigning Group Levels.
(Optional) Specify a valid 1- to 15-character alphanumeric group level 3 name as specified in CA Dataquery security control. If you enter a group level 3 name, you must also enter a group level 1 and a group level 2 name. For more information, see Assigning Group Levels.
CA Dataquery System Status
(Required) (Applies to DQL Mode only.) Authorizes the user to read-only access to all data available to CA Dataquery.
Y (yes), you allow the user read-only access to data. CA Dataquery does not perform any data security check. (External security and Database security is applied to table access.)
N (no), the default, CA Dataquery qualifies access to data for this user by the data authorizations specified in security control. However, conditions, restrictions, and profile codes are applied to the appropriate table.
(Required) Decide whether to authorize each user as an associate user which limits the ability of the user to query the database. An associate user can only run queries created by others and cannot create or maintain queries. If you do not designate the user as an associate user, CA Dataquery assigns conventional user authorization to that user.
Note: A conventional user can create and edit queries.
Y (yes) specifies that this user can only perform associate user tasks.
N (no), the default, does not limit this user to associate user tasks. This enables this user to create and edit queries, view database information, use commands, and so on.
(Required) A user who needs to create tables using the data retrieved by a query for their own use for forecasting is a good candidate for authorization of the Personal database facility. Both DQL Mode and SQL Mode users can be authorized for Personal database, but SQL must be installed at your site to use the Personal database facility. You specify which users can use personal tables and the area of the database where the tables are stored when adding or updating a user in CA Dataquery.
Y (yes) if this user is allowed to create and maintain personal tables using the personal database facility. This authorizes a user to create personal tables within their PRIVATE SQL authorization ID (schema) for their individual use. For more information, see Using Schemas for more information. Specify the area of the database where personal tables are to be stored on the Override System Defaults panel. For more information, see Overriding System Defaults.
N (no), the default, prohibits the user from using the personal database facility.
(Required) Most queries are executed using online CA Dataquery. However, your site can choose to submit long-running queries to batch CA Dataquery to make better use of your system resources. Determine which users need to submit batch queries and authorize them to do so.
Batch CA Dataquery can also be initiated from other software packages. You can secure batch CA Dataquery in this type of environment by using security packages like CA ACF2 and optionally, by use of the Batch Signon Exit.
Indicate whether this user is allowed to submit batch queries from online CA Dataquery.
Y (yes), the default, permits the submission of batch queries
N (no) does not.
(Required) CA Dataquery provides the capability to build a batch export file whereby data accessed from the database is exported and saved on a sequential file for later use. A need of the user for this capability is directly related to their job responsibilities. A data entry clerk most likely does not need to export data to fulfill a customer order. However, a systems programmer might need to export data to test complex queries or to compile statistics. The exported data is in either comma separated value format which is accessed by a personal computer for those users with that specific need or fixed-length record format.
Note: You might want to consider limiting the use of the Export capability.
Y (yes), the default, allows the user to export data. This user is permitted to build a CA Dataquery batch export file whereby data accessed from the database is exported and saved for later use. It allows the user to use the EXPORT command while using batch CA Dataquery.
N (no) prohibits the user from exporting data.
(Optional)
Y (yes) if the user is authorized to send reports to users at your site through CA eMail+.
N (no), the default, prohibits the user from sending reports through CA eMail+.
(Optional)
Y (yes) to allow this user to change query languages on their profile.
N (no), the default, restricts the user from changing to the alternate language and restricts them to one query language.
(Optional) Consider limiting the use of SQL Data Definition to the CA Dataquery Administrator. This authorization can easily be misused and affect data integrity. Specify N for both SQL Data Definition and SQL Data Maintenance to limit the user to creating only SQL queries using the SELECT statement keywords.
Y (yes) to allow this user to use SQL Data definition statements.
N (no), the default, restricts the user from using CREATE, COMMENT ON, and DROP statements.
(Optional) Consider limiting the use of SQL Data Maintenance to the CA Dataquery Administrator. This authorization can easily be misused and affect data integrity. Specify N for both SQL Data Maintenance and SQL Data Definition fields to limit the user to creating only SQL queries using the SELECT statement keywords.
Y (yes) to allow this user to use SQL Data maintenance statements.
N (no), the default, restricts the user from using INSERT, UPDATE, and DELETE.
System Administrative Menu Items Authorized
The following fields allow (or deny) the user access to any or all administrative functions. CA Dataquery automatically gives all users, except associate users, the ability to modify their own profiles. Associate users can do so if the Dataquery System Option Table parameter, ASUPPRO, is set to YES. All fields are required.
Y (yes) to allow this user to create, view, delete, or edit a condition.
N (no), the default, restricts this user from the CONDITIONS option on the Administrative Menu.
Y (yes) if this user is to have the administrative ability to create, delete, view, or edit a restriction.
N (no), the default, denies the user access to the RESTRICTIONS option on the Administrative Menu.
Y (yes) permits this user to start, stop, restart, and cancel spooled print jobs.
N (no), the default, restricts access to these spooled print job functions using the PRINTER CONTROL option on the Administrative Menu.
Y (yes) if this user is to create, delete, view, or edit a CA Dataquery JCL member.
N (no), the default, restricts this user from creating, modifying, or deleting a JCL member using the JCL option on the Administrative Menu.
Y (yes) to permit this user to request a CA Dataquery Request Table and/or a storage dump in the form of a transaction dump or a module dump.
N (no), the default, restricts the user from requesting a CA Dataquery Request Table or a storage dump through the DIAGNOSTICS option on the Administrative Menu.
Y (yes) if the user is to translate, edit, delete, or display CA Dataquery panels, the bulletin board, program literals, and vocabulary terms to another language.
N (no), the default, restricts access to the LANGUAGE option on the Administrative Menu.
Y (yes) if this user is to have the administrative function of adding, deleting, and maintaining users, as well as access to active users, passwords, and profiles of other users.
N (no), the default, prohibits this user from viewing and/or accessing the USERS option on the Administrative Menu. If a user is authorized for User Maintenance, that user cannot change his own authorization to N (no).
Caution Any user with authorization for this function is able to authorize anyone to perform administrative functions. Take care when deciding who and how many users may have this authority as this is a key to security.
Y (yes) to allow the creation, deletion, or modification of a set.
N (no), the default, prohibits access to set definitions using SETS on the Administrative Menu.
Y (yes) if you want this user to create, maintain, execute, and/or submit queries listed on the Admin Directory of Queries and Terms panel.
N (no), the default, does not allow this user to select the LIBRARY option on the Administrative Menu.
Y (yes) if the user is to relate users to a table, tables to a user, or profile codes to a user. This field authorizes this user record and field security control functions.
N (no), the default, restricts this user from performing security control functions.
Y (yes), if this user is to have the administrative function of creating and sending messages, forcing another user off CA Dataquery, and cancel query processing during FIND.
N (no), restricts the user from active user administrative functions.
Note: An administrator with user maintenance authority automatically has active user control authority but an administrator with active user control authority only may not add, update, or delete users or passwords, or view other users profiles.
|
Copyright © 2014 CA.
All rights reserved.
|
|