Valid on z/OS and z/VM.
Use the VTHRESH control option to:
This control option uses all entry methods.
This control option has the following format:
VTHRESH(nn,[NOT],[CAN],[WARN]),[SUS],[CAN],[WARN]
,[RES]
Sets the maximum number of resource access violations that a user may accumulate during an online session or job execution. This operand must be specified when changing any of the action operands. Specifying a value of 0, signifies that no violation threshold processing is performed.
Range: 0 to 254
Default: 5
(Default) CA Top Secret issues a message at the security console and the user's terminal to notify the security administrator of a security violation.
For TSO: CA Top Secret will O/S CANCEL the TSO session or batch job, and will issue this message:
TSS7191E JOB/SESSION CANCELLED EXCESSIVE VIOLATIONS
TSS7191E JOB/SESSION CANCELLED EXCESSIVE VIOLATIONS TSS7192E SESSION LOCKED ‑ EXCESSIVE VIOLATIONS: SIGNOFF
For TSO: CA Top Secret will O/S CANCEL the session and suspend the violator's ACID.
For non‑TSO online sessions: CA Top Secret will prevent further access of any kind. This forces the user to sign off.
Resets actions SUS, CAN or WARN to NOT.
Indicates that CAN and SUS is enforced for users operating in WARN mode as well as in FAIL or IMPL.
The VTHRESH option is in effect during WARN, FAIL, and IMPL modes. CA Top Secret will not, however, SUSPEND or CANCEL violators during WARN mode unless VTHRESH(WARN) is set.
TSO users who reach the VTHRESH limit while in ISPF browse or edit is not suspended or cancelled until they leave the screen. VTHRESH operands are not in effect when TSS LOCK is active. You must specify TSS UNLOCK first. Then the VTHRESH options take effect after the next user action. If you want to change the SUSPEND suboption to CANCEL, you must specify the RES suboption first. This resets SUSPEND and CANCEL actions to NOT.
|
Copyright © 2013 CA.
All rights reserved.
|
|