About System Profiles
The system profile resource represents a profile that is defined for a given system and can be associated with one or more users.
Although system profile is a resource that you can protect with CA IDMS centralized security, system profiles are not considered part of the security architecture because the scope of their influence on user session attributes is system-wide, not domain-wide.
Until you secure system profiles, any user can create and maintain a system profile.
How to Secure System Profiles
To secure system profiles internally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=SPRF, X
SECBY=INTERNAL
To secure system profiles externally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=SPRF, X
SECBY=EXTERNAL, X
Additional parameters required
Note: For more information, see #SECRTT.
Defining a System Profile
You define a system profile with a CREATE SYSTEM PROFILE statement, specifying the profile name and profile attributes.
Note: For more information about defining and maintaining system profiles, see the CA IDMS System Tasks and Operator Commands Guide.
Granting Definition Privileges on System Profiles
You grant definition privileges on systems profiles with a GRANT statement. You can specify any combination of CREATE, ALTER, DROP, and DISPLAY privileges, or you can specify all definition privileges (DEFINE). As a holder of DCADMIN privilege, you can specify WITH GRANT OPTION when you grant definition privileges to allow the recipient to grant the same privileges to another user.
Note: For more information about administering privileges on system profiles, see the following sections in the chapter Syntax for Securing System Resources:
|
Copyright © 2014 CA.
All rights reserved.
|
|