Initialization › Initialization Parameter Statement Descriptions › SECUOPT

SECUOPT

Syntax

SECUOPT=nn

Description

This parameter specifies special security options; these options change the way CA Spool performs security checking.

• In general, we recommend that you not use SECUOPT.
• The SECUEXT=SAF facility has been developed to support most of the functions that were provided by SECUOPT.
• The following options are available:
  • 1—Provides support for generic user IDs. The last four bytes of the user ID being checked are changed to spaces, and the request is checked again using the resulting value as user ID.
  • 6—Allows all externally SAF defined users to access all CA Spool groups; they are considered to have AUTH=1, and their default group is 1.
  • 8—Lets all users create files in all groups.
  • 9—Lets all users perform open output initial and open output modify to any file destination.
  • 10—Let ESFSECU4 use MSGSUPP=YES (suppress WTOs) on RACROUTE VERIFY and AUTH calls, where no password checking is being done. Using MSGSUPP=YES will not affect the logging of security violations to SMF.
  • 11—Enable access to the Virtual Printer Menu for non-authorized users. A usermod to update ESFHPARM to set OPT3 bit OPT3FEV is also required.
  • 12—Provide user ability to handle all reports that are queued for printers that the user has security authorization to handle. This is called User Related View.
  • 13—For printers defined with NJEDEST=NJE node use file's remote destination if valid as default file group.

There is no default value.