Specific Control Options

Specific Control Options

This chapter provides the format, defaults, entry methods, and descriptions of the CA Top Secret control options.

This section contains the following topics:

ABEND—Terminate Server

ADABAS—ControlsSVC Numbers

ADMINBY—Record Administration Information

ADSP—Security Indicator

AUDFIL2—Identify the Alternate Audit/Tracking File

AUDFILE—Identify the Audit/Tracking File

AUDIT(SWITCH)—Switch to Alternate Audit Tracking File

AUDIT—Restart Audit Task

AUTH—Merge Records for Search

AUTOEDSN—Edit AUTOERASE Data

AUTOERASE—Control Automatic Data Erase

BACKUP—Backup the Security File

BATCHCAN—Cancel Batch Job

BKPFILE—Identify Backup File

BYPASS—Bypass Resource Checking

CACHE—Reserve Memory

CANCEL—Allow Operating System CANCEL

CCIVM—Identify Virtual Machine for CAICC

CHOWNURS—Allow CHOWN Command

CMDNUM—Number of Command Processors

CPF—Activate Command Propagation Facility at Startup

CPFFILE—Identify CPF Recovery File

CPFLOCAL—Identify CPF Node Name

CPFNODE—CPF Node Changes

CPFNODES—Identify Remote Nodes for CPF

CPFOUT—Identify Virtual Machine for CPF Journal Files

CPFRCVUND—Receive Commands from Undefined Nodes

CPFSTATUS—Display Status of CPF Options

CPFTARGET—TARGET Keyword Default

CPFTRACE—Debugging Tool

CPFWAIT—WAIT Keyword Default

DATE—Date Format

DB2FAC—Group and Protect DB2 Subsystems

DEBUG—Produce Dumps

DFLTRNGG—GID Default Range

DFLTRNGU—UID Default Range

DIAGTRAP—Produce Diagnostic Dump

DISPMASK—Display Attribute of MASK

DL1B—PSB and DBD Security

DOWN—Inactive Characteristics

DRC—Detailed Error Reason Code Characteristics

DUFPGM—Program to Use INSTDATA

DUMP—Dump Control Blocks

ETRLOG—Send Security Events

ETROPTS—Events Sent

EXIT—Installation Exit

EXPDAYS—Security File Expiration Interval

FACILITY—System Facility Processing

GOSETGID—SAF Callable Service

HFSACL—HFS File System

HFSSEC—HFS Security On or Off

HPBPW—Expired Password for Batch Job

IMS—Control IMS Security Processing

INACTIVE—Deny Use of Unused ACIDs

INSTDATA—Global Installation Area

IOTRACE—Trace Activity

JCT—JES2 JCT Offsets

JES—JES Subsystem Information

JESNODE—JES Local Node Name

KERBLVL—Highest Kerberos Encryption Level Available

LDAPNODE—LDAP Node

LDS—LDAP Outbound Processing

LDSRETRY—LDS Server Retry Count

LDSTIMEOUT—LDS Server Timeout

LDSTRACE—Control LDS Tracing

LMPCHECK—Verify LMP Key

LOG—Events to be Logged

LUUPDONCE—Force Statistics Update

MLACTIVE—Multilevel Security Checking

MLFSOBJ—UNIX Labels

MLIPCOBJ—UNIX IPC Labels

MLMODE—Multilevel Security Mode

MLNAME—Name Display

MLSECAUD—Multilevel Seclabel Auditing

MLWRITE—Data Write

MODE—Security Mode

MSUSPEND—MSCA ACID Protection

NEWPHRASE—Password Phrase Rules

NEWPW—Password Alterations

NJEUSR—NJE Store and Forward Nodes ACID

NPPTHRESH—Maximum Password Phrase Attempts

NPWRTHRESH—New Password Reverification Threshold

OMVSGRP—OMVSGRP Segment

OMVSTABS—UID and GID Tables

OMVSUSR—OMVS Segment for Extract

OPTIONS—Replace Old APARs

OPTIONS (z/VM)—Replace Fixes from Prior Product Releases

PASSCHAR—Password Valid Characters

PDSPROT—Protected PDSs

PER—Event Recording

POSIXMGRP—Enable OpenEdition

PPEXP—Days Before Password Phrase Expires

PPHIST—Number of Password Phrases Recorded

PPHRASE—Allow Password Phrases for z/VM

PPSCHAR—Special Characters in Password Phrases

PRODUCTS—Special Products

PROFINTERVAL—Profile Non-refreshable Period

PTHRESH—Password Violation Threshold

PTKRESCK—Pass Ticket Authorization

PWEXP—Password Expiration Interval

PWHIST—Number of Previous Passwords Retained

PWVERIFY—Force Password Verification

PWVIEW—(Obsolete)

RCACHE—Cache Hardening

RCQNAME—Caches Hardening Selection

RDT2BYTE—(Obsolete)

RECFILE—Identify Recovery File

RECOVER—Record Changes in Recovery File

REFRESH—Reinitialize CA—CAF Modules into CSA

REINIT—Control Blocks and Modules

RESETEOD—Restart After Z Stop

RESETSTATS—Reset Stats Counters

RPW—Restricted Password List

SECCACHE—Security Record Cache

SECFILE—Security File Name

SECTRACE—Security Trace

SHRFILE—Share Files

SHRPROF—Shared Profile Table

SHUTDOWN—Shutdown Server

SMA—Start SMA Dynamically

SMFTYPE—Change SMF Record Type

ST—Control Option Display

STATREC—Statistics Processed

STATS—Display Statistics

STATSLOG—Statistics Dataset Name

STATUS—Display Control Option Settings

SUBACID—Batch Job ACIDs

SVCDUMP—System Dump

SWAP—Program Shopping

SYNCH—Synchronize Tables

SYSOUT—Diagnostic Log

SYSPLEX—XES and XCF Availability

TAPE—Tape Protection

TEMPDS—Protect Temporary Data Sets

TEXTTSS—Report and Message Text

TIMELOCK—Lock Interval

TIMER—AUDIT/TRACKING File Write Interval

TNGMON—Error Messages

TSS—Console Prompts

TSSCMDOPT—z/VM Command Defaults

TSSCMDOPTION—Command Defaults

UNIXOPTS—Special Options for USS

UPCASE—Upper Case Messages

VERSION—Version Display

VMDEBUG—Internal Debugging

VMFAC—Group z/VM Systems

VMLOGID—Message Identifier

VMTRACE—Specify Trace Data

VSAMCAT—Catalog Volume Check

VTHRESH—Access Violation Response

XCF(*)—Information to Remote Systems

Copyright © 2013 CA. All rights reserved.