DATA authorities designate which portions of a security record the security administrator can display when issuing a TSS LIST command. The following list describes some of the operands that are used with the DATA keyword:
Lists general ACID information, such as name, type and facility restrictions
Lists the session key used to verify that one LU is authorized to link to another LU for the purposes of APPC conversation processing
Lists the SYSOUT delivery and accounting information associated with the ACID
Lists resources PERMITted by an ACID within his scope, including information about what access levels are allowed and which ACID owns the resource
Lists information about resources owned by an ACID
Lists information about the ACID's input device restrictions (such as terminals or CPUs)
Lists information about the ACID's administrative authorities
Lists the ACID's password expiration date and interval
Lists the profiles attached to the ACID
Lists the expiration date for a temporary profile or group.
In the case of the DATA keyword, the ALL operand does not confer, by itself, all of the associated authorities. You must also specify PASSWORD, EXPIRE and SESSKEY (due to the sensitive nature of passwords and SESSKEY information) and PROFILE (because the profiles connected to an ACID may not fall under the scope of the security administrator). For example, to give the FINVCA security administrator the authority to list every possible item of security record information, you would have to issue the following command:
TSS ADMIN(FINVCA) DATA(ALL,PWVIEW,PROFILE,SESSKEY)
SESSKEY applies only to the APPCLU Record.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|