Change Managed System Atr (CHGMGDSYSA)

Where allowed to run: All environments (*ALL)
Threadsafe: No 		Parameters
Examples
Error messages

The Change Managed System Attributes (CHGMGDSYSA) command updates the system wide configuration attributes that are unique to the Managed System Services licensed program.

These attributes enable the user to control which activities are accepted by the managed system and under which user profile the activity is run.

If the change control server attributes are changed while the managed system functions are active, you must do the following:

  1. End the managed system functions (ENDMGDSYS command).
  2. Start the managed system functions (STRMGDSYS command).

Restrictions:

  1. The distribution security program, the default user profile, and the remote command security program must exist when the command is processed.
  2. You must have *ALLOBJ special authority to the security program, the default user profile, and the remote command security program.
Top

Parameters

Keyword Description Choices Notes
ACCRCVCRQA Accept received activities *SAME, *NO, *YES Optional, Positional 1
SECPGM Distribution security pgm Single values: *SAME, *DFT, *NONE
Other values: Qualified object name		 Optional
Qualifier 1: Distribution security pgm Name
Qualifier 2: Library Name, *LIBL, *CURLIB
DFTUSRPRF Default user profile Simple name, *SAME, *NONE, *REQUESTER Optional
INACTITV Inactive user time-out 0-999, *SAME, *NONE Optional
SNDINTRSP Send intermediate responses *SAME, *NO, *YES Optional
PFXTOKEN Global name prefix tokens Single values: *SAME, *NONE
Other values (up to 4 repetitions): Character value, *SAME, *NONE		 Optional
RMTSECPGM Remote command security pgm Single values: *SAME, *DFT
Other values: Qualified object name		 Optional
Qualifier 1: Remote command security pgm Name
Qualifier 2: Library Name, *LIBL, *CURLIB
MAXDTA Maximum return data 1-99999, *SAME, *NOMAX Optional
DLTSPLF Delete spool file *SAME, *YES, *NO, *SUCCESS Optional
KEY Remote command key Character value, *SAME, *NONE Optional
Top

Accept received activities (ACCRCVCRQA)

Specifies whether change request activities are to be accepted for processing.

*SAME
The value does not change.
*YES
Change request activities received from remote systems are accepted.
*NO
Change request activities are not accepted.
Top

Distribution security pgm (SECPGM)

Specifies the distribution security program to be used. The specified program is run when a request is received to determine which requests are accepted.

*SAME
The value does not change.
*DFT
The default distribution security program is used. This distribution security program allows PTFs and products to be received but not applied to the system. The program does not allow other objects to be manipulated.
*NONE
No distribution security program is specified. All activities are accepted when ACCRCVACT(*YES) is specified. The default user profile is used to process the activity.

The name of the object can be qualified by one of the following library values:

*LIBL
All libraries in the job's library list are searched until the first match is found.
*CURLIB
The current library for the job is searched. If no library is specified as the current library for the job, the QGPL library is used.
library-name
Specify the name of the library to be searched.
program-name
Specify the name of the distribution security program.
Top

Default user profile (DFTUSRPRF)

Specify the default user profile used for the change request activity if no distribution security program has been specified. The user profiles QSECOFR, QSPL, QDOC, QDBSHR, QRJE, QSYS, QLPAUTO, QLPINSTALL, QTSTRQS, and QDFTOWN are not valid entries for this parameter.

*SAME
The value does not change.
*REQUESTER
Activities will be processed using the same user profile that initiated the request at the central site system. If the originating user profile does not exist in this managed system, the activities are not accepted.
*NONE
No default user profile is specified for processing requests. A distribution security program must be specified and must indicate the name of the user profile to use if activities are to be processed.
user-profile-name
Specify the name of the user profile object to be used.
Top

Inactive user time-out (INACTITV)

Specifies the number of minutes jobs should wait to receive a remote command request or a change request activity. If no activity is received during the specified time period, the job processing the activity is ended. A new job is started when a new activity is received.

*SAME
The value does not change.
*NONE
No time-out value is specified.
time-out interval
Specify the number of minutes for an inactive job to wait for additional requests. Valid values range from 0 through 999.
Top

Send intermediate responses (SNDINTRSP)

Specifies whether intermediate responses are sent to the central site system. Intermediate responses may require activation of a switched communication link.

*SAME
The value does not change.
*YES
Intermediate responses are sent.
*NO
Intermediate responses are not sent.
Top

Global name prefix tokens (PFXTOKEN)

Specifies the set of tokens which, when found at the beginning of a global name, indicate a standard iSeries object name can be found in the global name. In order to use standard iSeries object names for distribution, a consistent set of tokens must be used on all systems in the network. Token names must be unique to ensure they are not used in global names being added to the distribution catalog.

You can enter multiple values for this parameter.

*SAME
The value does not change.
*NONE
No prefix tokens are used. All objects to be changed are identified in the catalog.
prefix-token-value
Specifies a set of tokens which indicate a standard iSeries name can be found in the global name. The SystemView Distribution catalog is not used for objects with global names starting with these prefix tokens. One to four tokens may be specified with a total length not to exceed 20 characters. The first token is recommended to be an enterprise ID or network ID.
Top

Remote command security pgm (RMTSECPGM)

Specifies the remote command security program to be used. The specified program is run when a request to run a command is received from a central site system. This program determines if the request is accepted and under which user profile it should be run.

*SAME
The value does not change.
*DFT
The default remote command security program is used. This security program allows all commands to be received and run on the system.

The name of the object can be qualified by one of the following library values:

*LIBL
All libraries in the job's library list are searched until the first match is found.
*CURLIB
The current library for the job is searched. If no library is specified as the current library for the job, the QGPL library is used.
library-name
Specify the name of the library to be searched.
program-name
Specify the name of the security program.
Top

Maximum return data (MAXDTA)

Specifies the limitation in Kbytes for the maximum amount of data that can be returned to the central site system when a remote command request is processed.

*SAME
The value does not change.
*NOMAX
No limitation for the amount of returned data.
number-of-kilobytes
Specify the number of kilobytes for the amount of data that can be returned to the central site system when a remote command request is processed. Valid values range from 1 through 99999.
Top

Delete spool file (DLTSPLF)

Specifies whether the spooled file is deleted after a remote command request is completed.

*SAME
The value does not change.
*YES
The spooled file is deleted.
*NO
The spooled file is not deleted.
*SUCCESS
The spooled file is deleted only when the request completes successfully. The request is successful if no escape messages are received while running the command.
Top

Remote command key (KEY)

Specifies the key that is used for encoding or decoding the remote command request. The values must be the same for the system that sends the remote command and for the system that receives the remote command.

*SAME
The value does not change.
*NONE
No encoding or decoding key is used.
key
Specify a 64-byte character string as a character string or hexadecimal string.
Top

Examples

Example 1: Configuring the Central Site System 

CHGMGDSYSA   ACCRCVACT(*YES)  SECPGM(*NONE)  DFTUSRPRF(QUSER)
             INACTITV(30)  SNDINTRSP(*YES)
             PFXTOKEN(ABCCO AUTOMAP)

This command configures the central site system to support change request activities and run them under the QUSER user profile. Intermediate responses are sent. Global names beginning with ABCCO AUTOMAP are reserved for sending objects using standard i5/OS object names. If a request is not received for 30 minutes, any jobs waiting to process requests are ended.

Example 2: Configuring the Remote Command Function 

CHGMGDSYSA   RMTSECPGM(*DFT)  DLTSPLF(*SUCCESS)
             MAXDTA(*NOMAX)  KEY(*NONE)

This command configures the remote command function to use the default remote command security program, deletes spooled files when the request is run successfully, and specifies no limitation for the amount of returned data.

Top

Error messages

*ESCAPE Messages

MSS0413
Default user profile &1 not found.
MSS0414
Program &1 in library &2 not found.
MSS0415
Managed system attributes not found or damaged.
MSS0417
Global name prefix token length &1 too long.
MSS0418
*NONE not valid for both DFTUSRPRF and SECPGM.
MSS0419
Global name prefix token &1 not valid.
MSS041A
*ALLOBJ special authority required.
Top