Example Functional Authority Profiles

In the sample screens below, YES next to a command means that the security level is authorized to execute the command, NO means that the security level is not authorized to execute the command, and SUB means that the security level is authorized to execute the command only if the Process was submitted by the particular user.

The following example shows the User Authorization screen for the administration authority (ADMDSN=file name, ADMVOL=volser).

Note: You can access the User Authorization screen through the IBM® Connect:Direct® Primary Options Menu. This menu and its options are discussed in the chapter on the Interactive User Interface in IBM Connect:Direct for z/OS® User Guide. The User Authorization screen lists all the commands a particular user is authorized and not authorized to execute.

.

 node.name                   USER AUTHORIZATION                          13:30
 CMD ==>

            AUTH  COMMAND                       AUTH  COMMAND
         ---------------------------        ---------------------------
         1) YES - CHANGE PROCESS            15) YES - SELECT TASK
         2) YES - DELETE PROCESS            16) YES - SELECT TYPE
         3) YES - DELETE TYPE               17) YES - SELECT USER
         4) YES - DELETE USER               18) YES - SUBMIT PROCESS
         5) YES - FLUSH PROCESS             19) YES - SUBMIT WITHIN PROC
         6) YES - FLUSH TASK                20) YES - SUSPEND PROCESS
         7) Y/Y - INSERT/UPDATE TYPE        21) YES - STAT COMMAND
         8) Y/Y - INSERT/UPDATE USER        22) YES - EVENT COMMAND
         9) YES - MODIFY (TRACE)            23) YES - VIEW PROCESS
        10) YES - STOP Connect:Direct       24) YES - PERFORM CRC OVERRIDES
        11) YES - UPDATE NETWORK MAP        25) NO  - CONFIRM DELETE
        12) YES - SELECT NETWORK MAP        26) NO  - CONFIRM DEL OFF
        13) YES - SELECT PROCESS            27) Y/Y - SECURE+ ADMIN/CMDS
        14) YES - SELECT STATISTICS         28) NO  - UPDATE INITPARM

The following example shows the User Authorization screen for the DB2 data base administrator authority (DBADSN=file name, DBAVOL=volser).

 node.name                    USER AUTHORIZATION                          hh:mm
 CMD ==>

            AUTH  COMMAND                       AUTH  COMMAND
         ---------------------------        ---------------------------
         1) SUB - CHANGE PROCESS            15) SUB - SELECT TASK
         2) SUB - DELETE PROCESS            16) YES - SELECT TYPE
         3) YES - DELETE TYPE               17) NO  - SELECT USER
         4) NO  - DELETE USER               18) YES - SUBMIT PROCESS
         5) SUB - FLUSH PROCESS             19) YES - SUBMIT WITHIN PROC
         6) SUB - FLUSH TASK                20) SUB - SUSPEND PROCESS
         7) Y/Y - INSERT/UPDATE TYPE        21) NO  - STAT COMMAND
         8) N/N - INSERT/UPDATE USER        22) NO  - EVENT COMMAND
         9) NO  - MODIFY (TRACE)            23) SUB - VIEW PROCESS
        10) NO  - STOP Connect:Direct       24) YES - PERFORM CRC OVERRIDES
        11) NO  - UPDATE NETWORK MAP        25) NO  - CONFIRM DELETE
        12) NO  - SELECT NETWORK MAP        26) NO  - CONFIRM DEL OFF
        13) SUB - SELECT PROCESS            27) N/N - SECURE+ ADMIN/CMDS
        14) YES - SELECT STATISTICS         28) NO  - UPDATE INITPARM

The following example shows the User Authorization screen for the operator authority (OPRDSN=file name, OPRVOL=volser).

 node.name                    USER AUTHORIZATION                          hh:mm
 CMD ==>

            AUTH  COMMAND                       AUTH  COMMAND
         ---------------------------        ---------------------------
         1) YES - CHANGE PROCESS            15) YES - SELECT TASK
         2) YES - DELETE PROCESS            16) YES - SELECT TYPE
         3) YES - DELETE TYPE               17) NO  - SELECT USER
         4) NO  - DELETE USER               18) YES - SUBMIT PROCESS
         5) YES - FLUSH PROCESS             19) YES - SUBMIT WITHIN PROC
         6) YES - FLUSH TASK                20) YES - SUSPEND PROCESS
         7) Y/Y - INSERT/UPDATE TYPE        21) NO  - STAT COMMAND
         8) N/N - INSERT/UPDATE USER        22) NO  - EVENT COMMAND
         9) YES - MODIFY (TRACE)            23) YES - VIEW PROCESS
        10) YES - STOP Connect:Direct       24) YES - PERFORM CRC OVERRIDES
        11) NO  - UPDATE NETWORK MAP        25) NO  - CONFIRM DELETE
        12) NO  - SELECT NETWORK MAP        26) NO  - CONFIRM DEL OFF
        13) YES - SELECT PROCESS            27) N/N - SECURE+ ADMIN/CMDS
        14) YES - SELECT STATISTICS         28) NO  - UPDATE INITPARM

The following example shows the User Authorization screen for the general user authority (GENDSN=NULLFILE|filename, GENVOL=volser).

 node.name                    USER AUTHORIZATION                          hh:mm
 CMD ==>

            AUTH  COMMAND                       AUTH  COMMAND
         ---------------------------        ---------------------------
         1) SUB - CHANGE PROCESS            15) SUB - SELECT TASK
         2) SUB - DELETE PROCESS            16) YES - SELECT TYPE
         3) YES - DELETE TYPE               17) NO  - SELECT USER
         4) NO  - DELETE USER               18) YES - SUBMIT PROCESS
         5) SUB - FLUSH PROCESS             19) YES - SUBMIT WITHIN PROC
         6) SUB - FLUSH TASK                20) SUB - SUSPEND PROCESS
         7) Y/Y - INSERT/UPDATE TYPE        21) NO  - STAT COMMAND
         8) N/N - INSERT/UPDATE USER        22) NO  - EVENT COMMAND
         9) NO  - MODIFY (TRACE)            23) SUB - VIEW PROCESS
        10) NO  - STOP Connect:Direct       24) YES - PERFORM CRC OVERRIDES
        11) NO  - UPDATE NETWORK MAP        25) NO  - CONFIRM DELETE
        12) NO  - SELECT NETWORK MAP        26) NO  - CONFIRM DEL OFF
        13) SUB - SELECT PROCESS            27) N/N - SECURE+ ADMIN/CMDS
        14) YES - SELECT STATISTICS         28) NO  - UPDATE INITPARM