|
|
|
If you use the GENACI command to assign a user ID to a security group, the ACIGROUP statement includes on it the name of the ACI security group you specify in the GENACI command, effectively adding that user to that security group.
A user ID can belong to only one security group at a time. If you assign the user ID to a security group and the user ID already belongs to one, the GENACI command replaces the ACIGROUP statement currently in that user directory entry with the one defined by this GENACI command. If the user ID did not already belong to a security group, the GENACI command simply adds the ACIGROUP statement defined by this GENACI command to that user directory entry.
If you remove a user ID from a security group, the GENACI command removes the ACIGROUP statement from that user directory entry.
The GENACI command always calls the GROUP user exit. This user exit is designed to:
If you specify an asterisk for the ACI group name and the GROUP user exit is not defined in the PRODUCT CONFIG file, a message displays indicating that an invalid group name was specified. If you specify any ACI group name, or omit it completely, and the GROUP user exit is not defined in the PRODUCT CONFIG file, the ACI group name is added or removed, as appropriate.
The security group you specify on this command must be defined on a GROUP record in the SECURITY CONFIG file.
Users can become members of another security group temporarily by using the GROUP command.
Examples
vmsecure genaci frasierc psych
vmsecure query users (manager carlat exec
copyfile cms exec a (spec
CMS prompts:
ENTER SPECIFICATION LIST:
Enter in upper case to add the group name PSYCH:
1‑15 1 /PSYCH/ 17
cms vmsecure genaci
vmsecure genaci frasierc patron
Note:
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |