You can use the optional word OVER to narrow the scope of the authorization so that it is valid only when the user ID to whom you are granting authority uses the command on certain user ID. If you do not specify OVER, CA VM:Director treats the authorization as if you specified OVER *ALL, meaning the target of the command authorization can be anyone.
Examples:
This GRANT record allows WOODYB to grant access to the ENG:MISC file space for all users:
GRANT GRANT AUTHORITY ENG:MISC TO WOODYB
However, you want to authorize WOODYB to grant access for only FRAISERC. You can do that by giving WOODYB a narrow authorization for the GRANT AUTHORITY command, specifying the word OVER and FRAISERC as the only user ID over which WOODYB can use the command:
GRANT GRANT AUTHORITY ENG:MISC OVER FRAISERC TO WOODYB
Using the above authorization, WOODYB can give FRAISERC write access to the ENG:MISC.GENERAL directory. WOODYB enters the following command:
vmdirect grant authority eng:misc.general to fraiserc (write
|
Copyright © 2014 CA.
All rights reserved.
|
|