RTVSYSSEC -- Retrieve System Security

RTVSYSSEC Retrieve System Security TAASEHV
The Retrieve System Security command retrieves the overall system security values including the current and pending security level, current and pending password level, whether changes can be made to security system values, whether to allow digital certificates to be added, and whether the service tools password can be changed. The QSYRTVSA API is used. A typical series of commands would be: DCL &ALWSECCHG CHAR LEN(4) . RTVSYSSEC ALWSECCHG(&ALWSECCHG) YES is returned if CHGSYSVAL can be used on the security system values. NO is returned if the security system values are locked down. One or more return variables must be specified. RTVSYSSEC escape messages you can monitor for --------------------------------------------- None. Escape messages from based on functions will be re-sent. RTVSYSSEC Command parameters CMD ---------------------------- CURSECLVL The current security level. This is the same value as the QSECURITY system value. This is an optional return variable that if used must be specified as CHAR LEN(2). PNDSECLVL The pending security level. This is the security level the system will use after the next IPL. This is an optional return variable that if used must be specified as CHAR LEN(2). CURPWDLVL The current password level. This is the same value as the QPWDLVL system value. This is an optional return variable that if used must be specified as CHAR LEN(1). PNDPWDLVL The pending password level. This is the password level the system will use after the next IPL. This is an optional return variable that if used must be specified as CHAR LEN(1). ALWSECCHG A YES/NO return value for whether security system values can be changed. YES indicates that CHGSYSVAL may be used. NO indicates that the security system values have been locked using DST or SST. This is an optional return variable that if used must be specified as CHAR LEN(4). ALWDGTCERT A YES/NO return value for whether digital certificates can can be added to the certificate store. YES indicates that they may be added. NO indicates that they may not be added. This is an optional return variable that if used must be specified as CHAR LEN(4). ALWSRVPWD A YES/NO return value for whether the service tools user ID with a default password that is expired can change its own password. YES indicates that they may make a change. NO indicates that they may not make a change. This is an optional return variable that if used must be specified as CHAR LEN(4). Restrictions ------------ Because RTVSYSSEC returns variables, the command may only be used in a CL program. Prerequisites ------------- The following TAA Tools must be on your system: SNDESCINF Send escape information SNDESCMSG Send escape message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- RTVSYSSEC CMD TAASEHV QATTCMD TAASEHVC *PGM CLP TAASEHVC QATTCL

RTVSYSSEC       Retrieve System Security               TAASEHV


The  Retrieve System  Security  command  retrieves the  overall  system
security  values  including the  current  and  pending security  level,
current  and pending  password level,  whether changes  can be  made to
security system  values, whether to  allow digital  certificates to  be
added,  and whether the  service tools  password can  be changed.   The
QSYRTVSA API is used.

A typical series of commands would be:

             DCL        &ALWSECCHG *CHAR LEN(4)
              .
             RTVSYSSEC  ALWSECCHG(&ALWSECCHG)

*YES  is  returned if  CHGSYSVAL  can be  used on  the  security system
values.   *NO is  returned if  the security  system  values are  locked
down.

One or more return variables must be specified.

RTVSYSSEC escape messages you can monitor for
---------------------------------------------

None.  Escape messages from based on functions will be re-sent.

RTVSYSSEC Command parameters                         *CMD
----------------------------

   CURSECLVL     The current  security level.   This is the  same value
                 as  the QSECURITY system  value.  This  is an optional
                 return variable  that if  used  must be  specified  as
                 *CHAR LEN(2).

   PNDSECLVL     The  pending security  level.   This  is the  security
                 level the  system will use  after the next  IPL.  This
                 is  an optional return  variable that if  used must be
                 specified as *CHAR LEN(2).

   CURPWDLVL     The current password  level.  This  is the same  value
                 as  the QPWDLVL  system value.   This  is  an optional
                 return  variable  that if  used must  be  specified as
                 *CHAR LEN(1).

   PNDPWDLVL     The pending  password level.    This is  the  password
                 level the  system will use after  the next IPL.   This
                 is  an optional return  variable that if  used must be
                 specified as *CHAR LEN(1).

   ALWSECCHG     A *YES/*NO return  value for  whether security  system
                 values  can   be   changed.     *YES  indicates   that
                 CHGSYSVAL  may  be  used.    *NO  indicates  that  the
                 security  system values have been  locked using DST or
                 SST.   This is  an  optional return  variable that  if
                 used must be specified as *CHAR LEN(4).

   ALWDGTCERT    A   *YES/*NO   return   value  for   whether   digital
                 certificates  can  can  be  added  to  the certificate
                 store.  *YES  indicates that they may  be added.   *NO
                 indicates that  they may  not be  added.   This is  an
                 optional   return  variable  that  if   used  must  be
                 specified as *CHAR LEN(4).

   ALWSRVPWD     A  *YES/*NO  return  value  for  whether  the  service
                 tools  user  ID  with  a   default  password  that  is
                 expired can  change its own password.   *YES indicates
                 that  they  may make  a  change.   *NO  indicates that
                 they may  not  make a  change.   This  is an  optional
                 return  variable that  if  used must  be specified  as
                 *CHAR LEN(4).


Restrictions
------------

Because  RTVSYSSEC returns variables,  the command may only  be used in
a CL program.

Prerequisites
-------------

The following TAA Tools must be on your system:

     SNDESCINF       Send escape information
     SNDESCMSG       Send escape message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   RTVSYSSEC     *CMD                   TAASEHV       QATTCMD
   TAASEHVC      *PGM       CLP         TAASEHVC      QATTCL

Added to TAA Productivity tools January 15, 2009

Home Page

Up to Top