Save Security Data (SAVSECDTA)

Where allowed to run: All environments (*ALL)
Threadsafe: No
Parameters
Examples
Error messages

The Save Security Data (SAVSECDTA) command saves all security information without requiring a system in a restricted state. The SAVSECDTA command saves the same security information that is saved when a Save System (SAVSYS) command is run including the following:

Information saved with the SAVSYS or SAVSECDTA command can be restored using the Restore User Profiles (RSTUSRPRF) and Restore Authority (RSTAUT) commands.

Restrictions:

Top

Parameters

Keyword Description Choices Notes
DEV Device Single values: *SAVF
Other values (up to 4 repetitions): Name
Required, Positional 1
VOL Volume identifier Single values: *MOUNTED
Other values (up to 75 repetitions): Character value
Optional
SEQNBR Sequence number 1-16777215, *END Optional
EXPDATE File expiration date Date, *PERM Optional
ENDOPT End of media option *REWIND, *LEAVE, *UNLOAD Optional
USEOPTBLK Use optimum block *YES, *NO Optional
SAVF Save file Qualified object name Optional
Qualifier 1: Save file Name
Qualifier 2: Library Name, *LIBL, *CURLIB
OPTFILE Optical file Path name, * Optional
ASPDEV ASP device Name, *ALLAVL, *, *SYSBAS, *CURASPGRP Optional
CLEAR Clear *NONE, *ALL, *AFTER, *REPLACE Optional
PRECHK Object pre-check *NO, *YES Optional
DTACPR Data compression *DEV, *NO, *YES, *LOW, *MEDIUM, *HIGH Optional
COMPACT Data compaction *DEV, *NO Optional
OUTPUT Output *NONE, *PRINT, *OUTFILE Optional
OUTFILE File to receive output Qualified object name Optional
Qualifier 1: File to receive output Name
Qualifier 2: Library Name, *LIBL, *CURLIB
OUTMBR Output member options Element list Optional
Element 1: Member to receive output Name, *FIRST
Element 2: Replace or add records *REPLACE, *ADD
Top

Device (DEV)

Specifies the name of the device used for the save operation. The device name must already be known on the system by a device description.

This is a required parameter.

Single values

*SAVF
The save operation is done using the save file specified for the Save file (SAVF) parameter.

Other values

optical-device-name
Specify the name of the optical device used for the save operation.
tape-media-library-device-name
Specify the name of the tape media library device used for the save operation.
tape-device-name
Specify the names of one or more tape devices used for the save operation. If a virtual tape device is used, it must be the only device specified. If multiple tape devices are used, they must have compatible media formats and their names must be specified in the order in which they are used. Using more than one tape device permits one tape volume to be rewound and unloaded while another tape device processes the next tape volume.
Top

Volume identifier (VOL)

Specifies the volume identifiers of the volumes, or the cartridge identifiers of tapes in a tape media library device, on which the data is saved. The volumes must be placed in the device in the same order as specified for this parameter.

Single values

*MOUNTED
The data is saved on the volumes placed in the device. For a media library device, the volume to be used is the next cartridge in the category mounted by the Set Tape Category (SETTAPCGY) command.

Note: This value cannot be specified when using an optical media library device.

Other values (up to 75 repetitions)

character-value
Specify the identifiers of one or more volumes in the order in which they are placed in a device and used to save the data.
Top

Sequence number (SEQNBR)

Specifies, when tape is used, the sequence number to use as the starting point for the save operation.

*END
The save operation begins after the last sequence number on the first tape. If the first tape is full, an error message is issued and the operation ends.
1-16777215
Specify the sequence number of the file to be used for the save operation.
Top

File expiration date (EXPDATE)

Specifies the expiration date of the file created by the save operation. If a date is specified, the file is protected and cannot be overwritten until the specified expiration date.

Notes:

  1. This parameter is valid for tape and optical files.
  2. Specifying this parameter does not protect against a later save operation specifying CLEAR(*ALL).
*PERM
The file is protected permanently.
date
Specify the date when protection for the file ends.
Top

End of media option (ENDOPT)

Specifies the operation that is automatically done on the tape or optical volume after the save operation ends. If more than one volume is used, this parameter applies only to the last volume used; all other volumes are unloaded when the end of the volume is reached.

Note: This parameter is valid only if a tape or optical device name is specified for the DEV parameter. For optical devices, *UNLOAD is the only special value supported, *REWIND and *LEAVE will be ignored.

*REWIND
The tape is automatically rewound, but not unloaded, after the operation has ended.
*LEAVE
The tape does not rewind or unload after the operation ends. It remains at the current position on the tape drive.
*UNLOAD
The tape is automatically rewound and unloaded after the operation ends. Some optical devices will eject the volume after the operation ends.
Top

Use optimum block (USEOPTBLK)

Specifies whether or not the optimum block size is used for the save operation.

Note: Specifying USEOPTBLK(*YES) may result in a tape that can be duplicated only to a device that supports the same block size.

*YES
The optimum block size supported by the device is used for Save commands. If the block size that is used is larger than a block size that is supported by all device types, then:
  • Performance may improve.
  • The tape file that is created is only compatible with a device that supports the block size used. Commands such as Duplicate Tape (DUPTAP) do not duplicate files unless the files are being duplicated to a device which supports the same block size that was used.
  • The value for the DTACPR parameter is ignored.
*NO
The optimum block size supported by the device is not used. Save commands use the default block size supported by all device types. The tape volume can be duplicated to any media format using the Duplicate Tape (DUPTAP) command.
Top

Save file (SAVF)

Specifies the save file that is used to contain the saved data. The save file must be empty, unless *ALL is specified for the Clear (CLEAR) parameter.

Note: A value must be specified for this parameter if *SAVF is specified for the Device (DEV) parameter.

Qualifier 1: Save file

name
Specify the name of save file to be used.

Qualifier 2: Library

*LIBL
All libraries in the library list for the current thread are searched until the first match is found.
*CURLIB
The current library for the thread is used to locate the save file. If no current library entry exists in the library list, the QGPL library is used.
name
Specify the name of the library where the save file is located.
Top

Optical file (OPTFILE)

Specifies the path name of the optical file that is used for the save operation, beginning with the root directory of the volume.

For more information on specifying path names, refer to "Object naming rules" in the CL concepts and reference topic in the iSeries Information Center at http://www.ibm.com/eserver/iseries/infocenter.

*
The system generates an optical file name in the root directory of the optical volume.
'optical-directory-path-name/*'
The system generates an optical file name in the specified directory of the optical volume.
Top

ASP device (ASPDEV)

Specifies the auxiliary storage pool (ASP) device from which private authorities are to be saved.

*ALLAVL
The private authorities from the system ASP (ASP number 1), all basic user ASPs (ASP numbers 2-32), and all available independent ASPs are saved.
*
The private authorities from the system ASP, all basic user ASPs, and, if the current thread has an ASP group, all independent ASPs in the ASP group are saved.
*SYSBAS
The private authorities from the system ASP and all basic user ASPs are saved.
*CURASPGRP
If the current thread has an ASP group, the private authorities from all independent ASPs in the ASP group are saved.
name
Specify the ASP device name from which private authorities are to be saved.
Top

Clear (CLEAR)

Specifies whether active data on the media is automatically cleared or replaced. Active data is any file on the media that has not expired. For saves to tape, clearing active data will make any files on the tape volume beyond the last file written by the save operation no longer accessible. For saves to optical, the files written by the save operation can be automatically replaced while other files on the volume remain active, or all active files can be automatically cleared. Clearing does not erase the data, it just makes the files no longer accessible.

Notes:

  1. Clearing a tape does not initialize it. You should initialize tapes to a standard label format before the save command is issued by using the Initialize Tape (INZTAP) command and specifying a value for the NEWVOL parameter.
  2. Clearing an optical volume does initialize it.
  3. If a volume that is not initialized is encountered during the save operation, an inquiry message is sent and an operator can initialize the volume.
*NONE
None of the media is automatically cleared. If the save operation encounters active data on a tape volume or in a save file, an inquiry message is sent, allowing the operator to either end the save operation or clear the media. If the save operation encounters the specified optical file, an inquiry message is sent, allowing the operator to either end the save operation or replace the file.
*ALL
All of the media is automatically cleared.

If tapes are used and a sequence number is specified for the SEQNBR parameter, the first tape is cleared beginning at that sequence number. All tapes following that first tape are completely cleared. To clear the entire first tape, SEQNBR(1) must be specified.

*AFTER
All media after the first volume is automatically cleared. If the save operation encounters active data on the first tape volume, an inquiry message is sent, allowing the operator to either end the save operation or clear the media. If the save operation encounters the specified optical file on the first volume, an inquiry message is sent, allowing the operator to either end the save operation or replace the file.

Note: The *AFTER value is not valid for save files.

*REPLACE
Active data on the media is automatically replaced. Optical volumes are not initialized. Other media is automatically cleared in the same way as the *ALL value.
Top

Object pre-check (PRECHK)

Specifies whether the save operation should end if all objects specified by this command do not satisfy the following conditions of the save operation: (1) the objects exist, (2) they were not previously found to be damaged, (3) they are not locked by another job, and (4) the requester of the save operation has authority to save the objects.

*NO
The save operation continues, saving only those objects that can be saved.
*YES
If, after all specified objects are checked, one or more objects cannot be saved, the save operation ends before any data is written.
Top

Data compression (DTACPR)

Specifies whether data compression is used. If the save is running while other jobs on the system are active and software compression is used, the overall system performance may be affected.

Note: If *DEV is specified for both this parameter and the Data compaction (COMPACT) parameter, only device data compaction is performed if device data compaction is supported on the device. Otherwise, data compression is performed.

If *YES is specified for this parameter and *DEV is specified for the COMPACT parameter, both device data compaction and device data compression are performed if supported on the device.

*DEV
If the save is to tape and the target device supports compression, hardware compression is performed. Otherwise, no data compression is performed.
*NO
No data compression is performed.
*YES
If the save is to tape and the target device supports compression, hardware compression is performed. If compression is not supported, or if the save data is written to optical media or to a save file, software compression is performed. Low software compression is used for all devices except optical DVD, which uses medium software compression.
*LOW
If the save operation is to a save file or optical, software data compression is performed with the SNA algorithm. Low compression is usually faster and the compressed data is usually larger than if medium or high compression is used.

Note: This value is not valid for tape.

*MEDIUM
If the save operation is to a save file or optical, software data compression is performed with the TERSE algorithm. Medium compression is usually slower than low compression but faster than high compression. The compressed data is usually smaller than if low compression is used and larger than if high compression is used.

Note: This value is not valid for tape.

*HIGH
If the save operation is to a save file or optical, software data compression is performed with the LZ1 algorithm. High compression is usually slower and the compressed data is usually smaller than if low or medium compression is used.

Note: This value is not valid for tape.

Top

Data compaction (COMPACT)

Specifies whether device data compaction is performed.

*DEV
Device data compaction is performed if the data is saved to tape and all tape devices specified for the Device (DEV) parameter support the compaction feature.

Note: If *DEV is specified for both the Data compression (DTACPR) parameter and this parameter, only device data compaction is performed if device data compaction is supported on the device. Otherwise, data compression is performed if supported on the device.

If *YES is specified for the DTACPR parameter and *DEV is specified for this parameter, both device data compaction and device data compression are performed if supported on the device.

*NO
Device data compaction is not performed.
Top

Output (OUTPUT)

Specifies whether a list with information about the saved objects is created. The information can be printed with the job's spooled output or directed to a database file.

*NONE
No output listing is created.
*PRINT
The output is printed with the job's spooled output.
*OUTFILE
The output is directed to the database file specified for the File to receive output (OUTFILE) parameter.

Note: You must specify a database file name for the File to receive output (OUTFILE) parameter when OUTPUT(*OUTFILE) is specified.

Top

File to receive output (OUTFILE)

Specifies the database file to which the information is directed when *OUTFILE is specified for the Output (OUTPUT) parameter. If the file does not exist, this command creates a database file in the specified library. If a new file is created, the system uses QASAVOBJ in QSYS with the format name QSRSAV as a model.

Qualifier 1: File to receive output

name
Specify the name of the database file to which output from the command is directed. If this file does not exist, it is created in the specified library.

Qualifier 2: Library

*LIBL
All libraries in the library list for the current thread are searched until the first match is found.
*CURLIB
The current library for the thread is used to locate the file. If no library is specified as the current library for the job, the QGPL library is used.
name
Specify the name of the library to be searched.
Top

Output member options (OUTMBR)

Specifies the name of the database file member to which the output is directed when *OUTFILE is specified for the Output (OUTPUT) parameter.

Element 1: Member to receive output

*FIRST
The first member in the file receives the output. If OUTMBR(*FIRST) is specified and the member does not exist, the system creates a member with the name of the file specified for the File to receive output (OUTFILE) parameter.
name
Specify the name of the file member that receives the output. If OUTMBR(member-name) is specified and the member does not exist, the system creates it.

If the member exists, you can add records to the end of the existing member or clear the existing member and add the records.

Element 2: Replace or add records

*REPLACE
The existing records in the specified database file member are replaced by the new records.
*ADD
The new records are added to the existing information in the specified database file member.
Top

Examples

Example 1: Automatically Clearing Uncleared Tapes

SAVSECDTA   DEV(TAP01)  CLEAR(*ALL)

This command saves the security information, including user profiles, authorization lists, authority holders. They are saved on the TAP01 tape drive. CLEAR(*ALL) automatically clears all uncleared tapes when they are encountered.

Example 2: Sending Message When Storage Capacity Exceeded

SAVSECDTA   DEV(TAP01)  VOL(ABC)

This command saves the security information on the TAP01 tape drive, starting on the tape volume labeled ABC. If the save operation exceeds the storage capacity of one tape, a message requesting that another volume be put on the TAP01 tape drive is shown to the operator.

Top

Error messages

*ESCAPE Messages

CPF2206
User needs authority to do requested function on object.
CPF222E
&1 special authority is required.
CPF370A
Not all security objects saved to save file &3.
CPF3709
Tape devices do not support same densities.
CPF3727
Duplicate device &1 specified on device name list.
CPF3728
Device &1 specified with other devices.
CPF3731
Cannot use &2 &1 in library &3.
CPF3733
&2 &1 in &3 previously damaged.
CPF3735
Storage limit exceeded for user profile &1.
CPF3737
Save and restore data area &1 not found.
CPF3738
Device &1 used for save or restore is damaged.
CPF3767
Device &1 not found.
CPF3768
Device &1 not valid for command.
CPF3782
File &1 in &2 not a save file.
CPF3793
Machine or ASP storage limit reached.
CPF3794
Save or restore operation ended unsuccessfully.
CPF3812
Save file &1 in &2 in use.
CPF384E
USEOPTBLK(*YES) not valid for CD-ROM premastering.
CPF388B
Optical file path name not valid.
CPF3893
Not all security objects saved.
CPF3894
Cancel reply received for message &1.
CPF38A4
ASP device &1 not correct.
CPF5729
Not able to allocate object &1.
CPF9809
Library &1 cannot be accessed.
CPF9812
File &1 in library &2 not found.
CPF9814
Device &1 not found.
CPF9833
*CURASPGRP or *ASPGRPPRI specified and thread has no ASP group.
CPF9845
Error occurred while opening file &1.
CPF9846
Error while processing file &1 in library &2.
CPF9847
Error occurred while closing file &1 in library &2.
CPF9850
Override of printer file &1 not allowed.
CPF9851
Overflow value for file &1 in &2 too small.
CPF9860
Error occurred during output file processing.
CPFB8ED
Device description &1 not correct for operation.
Top