|
|
|
Use the RDEFINE command to define a default utility protection profile for CA Tape Encryption utilities. You can specify this profile globally for all BES subsystems or locally for a specified BES subsystem.
This command has the following format:
RDEF CA@BES BESn.UTILITIES.permissions
OWNER(username)
DATA('comments ')
Specifies the RDEFINE command.
Specifies the general resource class for CA Tape Encryption. This is always CA@BES.
Indicates the local BES subsystem number (1-8). If you specify BES without a subsystem identifier, the profile becomes a global profile and is applied to all BES subsystems.
Specifies that this statement defines the default utilities permissions for the specified BES subsystem.
Specifies the permission setting. Options for this parameter are as follows:
PERMIT
Specifies that the specified utility is permitted for all users on the specified BES subsystem unless otherwise defined.
PROTECT
Specifies that the specified utility is prohibited to all users on the specified BES subsystem unless otherwise defined.
Example: Define and restrict utilities globally on all BES subsystems for RACF
This example defines a global utilities protection profile to IBM Security Server RACF for all eligible utilities for all BES subsystems, indicated by BES with no subsystem identifier, and restricts all users from running these utilities, indicated by UTILITIES.PROTECT. These restrictions can be overridden by a permit option specified for a particular BES subsystem or a particular utility.
RDEF CA@BES BES.UTILITIES.PROTECT
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |