|
|
|
Often, a group of users will need to use a set of identical resources in the same way. Since administrators should try to minimize the use of access authorizations made directly to users, it is a good idea, instead, that they define common resource access characteristics, or profiles, which can then be assigned to as many users as is appropriate. By using profiles, administrators can do away with redundant authorizations, thereby making it easier to administer the security database.
A maximum of 254 profiles may be attached to a single user. Profiles cannot be assigned passwords, nor can they be attached to other profiles.
In order to define a profile, the following keywords must be specified with the TSS CREATE command:
Note: The DEPT keyword is only used if the Control ACID issuing the command is an SCA, LSCA, ZCA, or VCA.
For example, if an administrator wants to create a Payroll Department profile, he would enter:
TSS CRE(PAYPR01) TYPE(PROF) NAME('PAYROLL DEPT PROF') DEPT(PAYROLL)
He could then use the PERMIT function to permit resource access authorizations to the profile:
TSS PERMIT(PAYPR01) VMMD(USER01) ACC(READ) TIME(08,19)
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |