Prior to turning SFS ESM protection on the rules in place, using GRANT AUTHORITY, existing SFS commands should be transformed into CA Top Secret commands. Do this by executing the CAKVSFS EXEC. The CAKVSFS EXEC is installed on the CA-Activator disk that was specified as the disk that will contain CA Top Secret.
This exec must be invoked by an SFS administrator for each filepool to be ESM protected. It will generate one file for each filepool owner and that file will contain commands to be given to CA Top Secret to add external security protection to the directories and files in the filepools. The file name of each file is equal to the user ID of the directory owner; the file type is TSSCMDS. These command files should be reviewed for accuracy prior to being given to CA Top Secret. The value used for the ACID in each TSS ADD command defaults to SFSOWN. This can be changed if necessary.
This EXEC has the following format:
CAKVSFS AP outmode SFSOWN
Indicates the name of the SFS filepool to be examined.
Specifies the accessed disk to which the TSS commands is written.
Specifies the ACID to be used for TSS ADD commands.
|
Copyright © 2013 CA.
All rights reserved.
|
|