ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzam4_5.4.0.1/rzam4spcfyauthlist.htm

68 lines
4.4 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Specify an authorization list" />
<meta name="abstract" content="This topic explains how to secure volumes with an authorization list during the import process." />
<meta name="description" content="This topic explains how to secure volumes with an authorization list during the import process." />
<meta name="DC.Relation" scheme="URI" content="rzam4mngoptsectyaud.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzam4spcfyauthlist" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Specify an authorization list </title>
</head>
<body id="rzam4spcfyauthlist"><a name="rzam4spcfyauthlist"><!-- --></a>
<img src="./delta.gif" alt="Start of change" /><!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Specify an authorization list </h1>
<div><p>This topic explains how to secure volumes with an authorization
list during the import process.</p>
<p>The authorization list (AUTL) parameter on the Add Optical Cartridge (ADDOPTCTG)
command allows the volumes being imported into an optical media library to
be automatically secured with an authorization list as part of the import
processing.</p>
<p>If no authorization list is specified for a new optical volume (one that
has not been removed with the VOLOPT(*KEEP) option), the default optical authorization
list (QOPTSEC) is used to secure the volume. If the volume was removed with
the VOLOPT(*KEEP) option, the authorization list that previously secured the
volume is used to secure the volume.</p>
<p>The user that adds the optical cartridge does not need to have any authority
to the data on the volume being secured by the authorization list, as long
as the user is not overriding the authorization list that previously secured
a volume that was removed with the VOLOPT(*KEEP) option.</p>
<p>This method is different from the way authorization lists are used to secure
system objects. For example, a system operator should be able to add the PAYROLL
optical disk to the optical media library and secure it with the PAYROLL authorization
list, but not be able to access the data on the PAYROLL optical disk.</p>
<p>To change the authorization list used to secure an optical volume that
was previously removed with the VOLOPT(*KEEP) option, the user issuing the
ADDOPTCTG command must have either *AUTLMGT authority to the authorization
list that previously secured the volume or *ALLOBJ special authority.</p>
<div class="section"><h4 class="sectiontitle">Use authorization list assignment and the Add Optical Server
(ADDOPTSRV) command</h4><p>The Add Optical Server (ADDOPTSRV) command secures
all volumes in the server with the default optical authorization list (QOPTSEC).
The default optical authorization list is used unless a volume
was previously secured with a different authorization list and then removed
using the VOLOPT(*KEEP) option on the Remove Optical Server (RMVOPTSVR) command.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzam4mngoptsectyaud.htm" title="You can secure information on optical media by using i5/OS security functions.">Manage optical security and auditing</a></div>
</div>
</div>
<img src="./deltaend.gif" alt="End of change" /></body>
</html>