Use the RULEMAP command to display information about a rules file and lists members of security groups. You must have the Rules Facility installed to use this command.
RULEMAP ["Parms"] Parms:
USER [userid] [(PRINT] | ANY [groupname ] [(PRINT] | GROUP [groupname] [(PRINT] | TERM [groupname] [(PRINT] | MEMBERS [groupname] [(EXEC]
Lists all rules that refer to a user ID. If you specify userid, the command lists all the rules that apply to that user ID; if you do not specify a user ID, it lists all the rules that apply to your own user ID.
Lists all the rules that apply to all members of the specified security group. If you do not specify groupname, the command lists all the rules that apply to all members of the system.
Lists all the rules for a security group. If you specify groupname, the command lists all the rules that apply to that security group; if you do not specify a group name, it lists all the rules that apply to your security group—the one specified on the ACIGROUP statement in your directory entry.
Lists the members of a security group. If you specify groupname, the command lists the members of that security group; if you do not specify a group name, the command lists the members of your security group—the one specified on the ACIGROUP statement in your directory entry.
Users on HOLD will not be in the list for the ACIGROUP specified or the default ACI GROUP of the user issuing the command if an ACIGROUP is not specified.
Lists all the logon rules with specific terminal addresses that were created for members of the specified security group. If you do not specify groupname, the command lists the logon rules with specific terminal addresses for all members of the system.
Sends the rule references to your spooled printer instead of to your terminal.
Writes the output to a CMS EXEC file on your A‑disk.
The CMS EXEC file created with the EXEC option of the RULEMAP MEMBERS command contains a record for each user ID in the specified security group. The format of each record is:
&1 &2 &3 userid &4 &5
You can use the file with the CA VM:Secure RULEMAP USER command to map all rules for members of the security group.
The RULEMAP command displays different information for different types of users. It is available only when the Rules Facility is installed.
Information the RULEMAP command can display depends on how your user authorizations are set up, but typically includes the following:
|
These users: |
Can display: |
|---|---|
|
System administrators |
Rules file information at the system, security group, or user level |
|
Security group managers |
Rules file information for the security group they manage and for any member of their security group |
|
Users |
Rules file information about their own rules file and any security group of which they may be a member |
Example
To see which rules have been created that pertain to your user ID (SAM), enter:
vmsecure rulemap
CA VM:Secure responds:
ENTER YOUR LOGON PASSWORD:
Enter your password. CA VM:Secure displays the rules for your user ID:
DEFAULT SYSRULES: ACCEPT SAM AUTOLOG ( HISTORY OVERRIDE SYSRULES: ACCEPT SAM MEMBER JOHN USRRULES: ACCEPT SAM LINK * * ( HISTORY
You do not need to specify your user ID, since that is the default. In this example, a system default rule allows SAM to autolog other virtual machines, and places a history statement in the other user directory entry whenever this occurs. The system override rule allows SAM to become a temporary member of any security group. Finally, user ID JOHN has created a rule allowing SAM to link to any of his virtual devices in any link mode with a record of the links being entered in JOHN’s history information.
|
Copyright © 2014 CA.
All rights reserved.
|
|