DSPSPCAUT2 -- Display Special Authority 2

DSPSPCAUT2 DISPLAY SPECIAL AUTHORITY 2 TAASEIQ
The Display Special Authority 2 command displays the combination of special authorities for a user. This includes the special authorities for the user, the group profile, and any supplemental group profiles. Selection can be made on the combined special authorities. DSPSPCAUT2 helps provide a better view of what an individual user can do. You must have ALLOBJ special authority to use DSPSPCAUT2. A typical command would be: DSPSPCAUT2 USER(ALL) SPCAUT(ALLOBJ SPLCTL) Only those users who have a combined authority of both ALLOBJ and SPLCTL would be listed with one line for each. The combined authority comes from the individual user, the group profile (if any) and all supplemental user profiles (if any). If the authorization comes from the user, a 'U' is displayed. If the authorization comes from one of the group or supplemental profiles, a 'G' is displayed. Another typical command would be to list where the special authorities are derived from for a specific user such as: DSPSPCAUT2 USER(xxx) OPTION(DETAIL) If OPTION(DETAIL) is specified, the SPCAUT parameter must be ALL. Using DETAIL will provide one line for the individual profile, one line for the group profile (if any), and one line for each supplemental profile (if any), and one line the combined authority line. The REFRESH parameter defaults to YES meaning the TAASECKP file in TAASECURE is refreshed with the output of all user profiles using DSPUSRPRF before processing. If you are trying different uses of DSPSPCAUT2, you should specify REFRESH(DAYCHG) after the initial use. This will eliminate the use of the long running DSPUSRPRF command and operate directly on the TAASECKP file in TAASECURE. DSPSPCAUT2 escape messages you can monitor for ---------------------------------------------- None. Escape messages from based on functions will be re-sent. DSPSPCAUT2 Command parameters CMD ----------------------------- USRPRF The name of the user profile to process. ALL is the default for all user profiles. A specific name or a generic name may also be entered. OPTION The type of output to be listed. TOTAL is the default to list one line per user with the combined special authorities for the user, the group profile (if any), and for each supplemental group profile (if any). DETAIL may be specified to list one line for the user profile, one line for the group profile (if any), one line for each supplemental group profile, and the combined line. SPCAUT The special authority to select. ALL is the default meaning no selection occurs and all named profiles would be listed. ALL must be specified for OPTION(DETAIL). One or more of the special values may be entered to mean the user must have all of the named values for a line to print. For example, if SAVSYS and SPLCTL are specified, only the users who have a combined set of authorities that includes SAVSYS and SPLCTL would be listed. REFRESH An option to determine if the DSPUSRPRF OUTFILE function is used to refresh the TAASECKP file in the TAASECURE library. The default is YES meaning the file will be refreshed. DAYCHG may be specified which means the file will be refreshed if the last time the file was output was on a different day. DAYCHG assumes that you are using the command repeatedly on the same day, you do not want to keep refreshing the information. NO may be specified to use the existing data. If no data exists, the file is output. OUTPUT How to output the results. * is the default to display the spooled file if the command is entered interactively. The spooled file is deleted after it is displayed. If the command is entered in batch or PRINT is specified, the spooled file is output and retained. Restrictions ------------ You must have ALLOBJ special authority to use DSPSPCAUT2. Prerequisites ------------- The following TAA Tools must be on your system: CHKALLOBJ Check ALLOBJ special authority CHKGENERC Check generic CVTDAT Convert date DSPSECRVW Display security review EXTLST2 Extract list 2 RTVDAT Retrieve date RTVSYSVAL3 Retrieve system value 3 SNDCOMPMSG Send completion message SNDESCINF Send escape information SNDESCMSG Send escape message SNDSTSMSG Send status message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- DSPSPCAUT2 CMD TAASEIQ QATTCMD TAASEIQC PGM CLP TAASEIQC QATTCL TAASEIQC2 PGM CLP TAASEIQC2 QATTCL TAASEIQR *PGM RPG TAASEIQR QATTRPG

DSPSPCAUT2      DISPLAY SPECIAL AUTHORITY 2            TAASEIQ


The Display  Special Authority  2 command  displays the combination  of
special   authorities  for  a   user.     This  includes   the  special
authorities  for  the user,  the  group profile,  and  any supplemental
group  profiles.   Selection  can  be  made  on  the  combined  special
authorities.    DSPSPCAUT2 helps  provide  a  better  view of  what  an
individual user can do.

You must have *ALLOBJ special authority to use DSPSPCAUT2.

A typical command would be:

             DSPSPCAUT2  USER(*ALL) SPCAUT(*ALLOBJ *SPLCTL)

Only  those users  who have  a combined authority  of both  *ALLOBJ and
*SPLCTL  would be  listed  with  one  line  for  each.    The  combined
authority comes  from the individual user,  the group profile  (if any)
and all supplemental user profiles (if any).

If the  authorization comes from the user, a 'U'  is displayed.  If the
authorization comes from one of  the group or supplemental profiles,  a
'G' is displayed.

Another  typical   command  would   be  to   list  where  the   special
authorities are derived from for a specific user such as:

             DSPSPCAUT2  USER(xxx) OPTION(*DETAIL)

If  OPTION(*DETAIL) is specified,  the SPCAUT  parameter must  be *ALL.
Using  DETAIL will  provide one  line for  the individual  profile, one
line  for  the  group   profile  (if  any),  and  one  line   for  each
supplemental  profile (if  any), and  one line  the  combined authority
line.

The  REFRESH parameter  defaults to *YES  meaning the  TAASECKP file in
TAASECURE is  refreshed with  the  output of  all user  profiles  using
DSPUSRPRF  before processing.   If  you  are trying  different uses  of
DSPSPCAUT2,  you  should  specify  REFRESH(*DAYCHG)  after the  initial
use.   This  will eliminate  the  use  of the  long  running  DSPUSRPRF
command and operate directly on the TAASECKP file in TAASECURE.

DSPSPCAUT2 escape messages you can monitor for
----------------------------------------------

None.  Escape messages from based on functions will be re-sent.

DSPSPCAUT2 Command parameters                         *CMD
-----------------------------

   USRPRF        The name  of the  user profile  to process.   *ALL  is
                 the default  for all user  profiles.  A  specific name
                 or a generic name may also be entered.

   OPTION        The type of output to be listed.

                 *TOTAL  is the default to list  one line per user with
                 the combined  special authorities  for  the user,  the
                 group  profile (if  any),  and  for each  supplemental
                 group profile (if any).

                 *DETAIL  may be  specified  to list  one line  for the
                 user profile,  one  line  for the  group  profile  (if
                 any), one  line for  each supplemental  group profile,
                 and the combined line.

   SPCAUT        The special authority to select.

                 *ALL  is the default  meaning no  selection occurs and
                 all named  profiles would  be listed.   *ALL  must  be
                 specified for OPTION(*DETAIL).

                 One or more  of the special  values may be  entered to
                 mean the  user must have  all of the  named values for
                 a  line  to  print.    For  example,  if  *SAVSYS  and
                 *SPLCTL  are specified,  only  the  users who  have  a
                 combined  set  of  authorities that  includes  *SAVSYS
                 and *SPLCTL would be listed.

   REFRESH       An  option  to  determine  if  the  DSPUSRPRF  OUTFILE
                 function is used to refresh  the TAASECKP file in  the
                 TAASECURE library.   The default  is *YES  meaning the
                 file will be refreshed.

                 *DAYCHG  may be  specified which  means the  file will
                 be refreshed  if the  last time  the file  was  output
                 was on  a  different day.   *DAYCHG  assumes that  you
                 are  using the  command  repeatedly on  the  same day,
                 you  do not  want to keep  refreshing the information.

                 *NO may  be specified to  use the  existing data.   If
                 no data exists, the file is output.

   OUTPUT        How  to output  the  results.   *  is  the default  to
                 display  the spooled  file if  the command  is entered
                 interactively.  The spooled  file is deleted after  it
                 is displayed.

                 If  the  command is  entered  in  batch or  *PRINT  is
                 specified,  the spooled  file is output  and retained.


Restrictions
------------

You must have *ALLOBJ special authority to use DSPSPCAUT2.

Prerequisites
-------------

The following TAA Tools must be on your system:

     CHKALLOBJ       Check *ALLOBJ special authority
     CHKGENERC       Check generic
     CVTDAT          Convert date
     DSPSECRVW       Display security review
     EXTLST2         Extract list 2
     RTVDAT          Retrieve date
     RTVSYSVAL3      Retrieve system value 3
     SNDCOMPMSG      Send completion message
     SNDESCINF       Send escape information
     SNDESCMSG       Send escape message
     SNDSTSMSG       Send status message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   DSPSPCAUT2    *CMD                   TAASEIQ       QATTCMD
   TAASEIQC      *PGM       CLP         TAASEIQC      QATTCL
   TAASEIQC2     *PGM       CLP         TAASEIQC2     QATTCL
   TAASEIQR      *PGM       RPG         TAASEIQR      QATTRPG

Added to TAA Productivity tools January 15, 2011

Home Page

Up to Top