|
|
|
DATA authorities designate which portions of a Security Record the Security Administrator can display when he issues a TSS LIST command. Some of the operands used with the DATA keyword include:
Lists general ACID information, such as name, type and facility restrictions
Lists the session key used to verify that one LU is authorized to link to another LU for the purposes of APPC conversation processing
Lists the SYSOUT delivery and accounting information associated with the ACID
Lists resources PERMITted by an ACID within his scope, including information about what access levels are allowed and which ACID owns the resource
Lists information about resources owned by an ACID
Lists information about the ACID's input device restrictions (such as terminals or CPUs)
Lists information about the ACID's administrative authorities
Lists the ACID's password expiration date and interval
Lists the ACID's actual password as well as the expiration date and interval
Lists the profiles attached to the ACID
Lists the expiration date for a temporary profile or group.
In the case of the DATA keyword, the ALL operand does not confer, by itself, all of the associated authorities. You must also specify PASSWORD, PWVIEW, EXPIRE and SESSKEY (due to the sensitive nature of passwords and SESSKEY information) and PROFILE (because the profiles connected to an ACID may not fall under the scope of the Security Administrator). For example, to give the FINVCA security administrator the authority to list every possible item of Security Record information, you would have to issue the following command:
TSS ADMIN(FINVCA) DATA(ALL,PWVIEW,PROFILE,SESSKEY)
Note: The PWVIEW authority level is only honored if the PWVIEW control option is set to YES.
SESSKEY only applies to the APPCLU Record.
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |