The MODIFY-FT-ADMISSION-SET command can be used to modify the admission set for your user ID. You may access two components of the admission set:
You can define a password to be entered for almost all subsequent FTAC commands (exception: the /SHOW... commands). This prevents other users who are working with your user ID from entering FTAC commands.
It is not possible to have an FTAC password output. If an FTAC user forgets his/her FTAC password, only the FTAC administrator can delete or modify the password.
You can modify the limiting values for the maximum security levels (the MAX-USER-LEVELS) that can be accessed from your user ID. The limiting values set by the FTAC administrator (MAX-ADM-LEVELS) cannot be disabled.
The MAX-USER-LEVELS only work if they are higher (i.e. more restrictive) than the MAX-ADM-LEVELS.
If you call HELP for the SDF command syntax shown below, you may also see some operands that are not indicated here. This is because only the operands relevant for FTP are described in this section.
MODIFY-FT-ADMISSION-SET - showing operands relevant for FTP | ||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||
Operands
USER-IDENTIFICATION=
Specifies the user ID whose admission set is to be modified.
USER-IDENTIFICATION=*OWN
The admission set for the user ID under which you are currently working is to be modified.
USER-IDENTIFICATION=<alphanum-name 1..8>
The admission set for this user ID is to be modified. As an FTAC user, you can only enter your own user ID here.
SELECT-PARAMETER=*ALL
In later FTAC versions, it will be possible to enter additional selection criteria here.
MAX-LEVELS=
With this operand, you determine which security level(s) can be reached with which basic functions from the user ID of this admission set. You may optionally set one security level for all basic functions or different security levels for each basic function. The MAX-USER-LEVELS for this admission set are defined by the FTAC user; the MAX-ADM-LEVELS are defined by the FTAC administrator. FTAC runs authorization checks on the basis of the lowest specified security level in each case. FTAC users may reduce but not exceed the values set for them by the FTAC administrator.
MAX-LEVELS=*UNCHANGED
The security levels defined in this admission set are to remain unchanged.
MAX-LEVELS=*STD
With this setting, you specify that the values of the default admission set are to be used for for this admission set. This causes the admission set to be deleted from the admission file. This is possible even if the user ID has already been deleted.
MAX-LEVELS=<integer 0..100>
With this value, you can set a maximum security level for all basic functions. A value less than the security level specified by the system administrator or the default value of 100 means that no FTP access checked via FTAC is possible on this user ID until further notice (i.e. until the admission set is modified again).
MAX-LEVELS=*PARAMETERS(...)
With this structure, you can set a maximum security level for each of the basic functions. FTP partners always have the security level specified by the system administrator, which is 100 by default.
INBOUND-SEND=
Sets the maximum security level for the basic function “inbound send”. All partner systems with this security level or lower can request files from the owner of the admission set.
INBOUND-SEND=*UNCHANGED
The value for INBOUND-SEND remains unchanged.
INBOUND-SEND=*STD
For INBOUND-SEND, the value from the default admission set is used.
INBOUND-SEND=<integer 0..100>
For INBOUND-SEND, this maximum security level is entered in the admission set. A value less than the security level specified by the system administrator or the default value of 100 means that INBOUND-SEND is not possible on this ID. In this case, the retr server command is not permitted.
INBOUND-RECEIVE=
Sets the maximum security level for the basic function “inbound receive”. All partner systems with this security level or lower may send files to the owner of the admission set.
INBOUND-RECEIVE=*UNCHANGED
The value for INBOUND-RECEIVE remains unchanged.
INBOUND-RECEIVE=*STD
For INBOUND-RECEIVE, the value from the default admission set is used.
INBOUND-RECEIVE=<integer 0..100>
For INBOUND-RECEIVE, this maximum security level is entered in the admission set. A value less than the security level specified by the system administrator or the default value of 100 means that INBOUND-RECEIVE is not possible on this ID. In this case, the following server commands are not permitted: stor, stou, appe, rnfr, dele, site file.
INBOUND-MANAGEMENT=
Sets the maximum security level for the basic function “inbound file management”. All partner systems with this security level or lower may include the modification of file attributes and the querying of directories as part of their FTP request.
INBOUND-MANAGEMENT=*UNCHANGED
The value for INBOUND-MANAGEMENT remains unchanged.
INBOUND-MANAGEMENT=*STD
For INBOUND-MANAGEMENT, the value from the default admission set is used.
INBOUND-MANAGEMENT=<integer 0..100>
For INBOUND-MANAGEMENT, this maximum security level is entered in the admission set. A value less than the security level specified by the system administrator or the default value of 100 means that INBOUND-MANAGEMENT is not possible on this ID. In this case, the following server commands are not permitted: cwd, xcwd, list, mlsd, mlst, nlst, mkd, xmkd, rmd, xrmd, pwd, xpwd, cdup, xcup, rnfr, size.
Example
Donald needs information on his admission sets:
/SHOW-FT-ADMISSION-SET
Short form:
/SHOW-FT-ADM
He receives the following output:
% MAX. USER LEVELS MAX. ADM LEVELS ATTR % USER-ID OBS OBR IBS IBR IBP IBF OBS OBR IBS IBR IBP IBF % DUCKTAIL 100 100 100 100 100 100 80 80 100 100 80 100
Donald now wants to deny access to the basic function “inbound send” and thus prevent files from being read on his user ID.
/MODIFY-FT-ADMISSION-SET MAX-LEVELS=*PARAMETERS(INBOUND-SEND=99)
The short form of this command is:
/MOD-FT-ADM MAX-LEV=(IN-SEND=99)
To verify the new setting, Donald now displays his admission again:
/SHOW-FT-ADM % MAX. USER LEVELS MAX. ADM LEVELS ATTR % USER-ID OBS OBR IBS IBR IBP IBF OBS OBR IBS IBR IBP IBF % DUCKTAIL 100 100 99 100 100 100 80 80 100 100 80 100
Command return codes
(SC2) | SC1 | Maincode | Meaning |
| 0 | 0 | FTC0050 | The set security level exceeds the administrator‘s limit and will remain invalid until the administrator's limit is raised accordingly. |
| 0 | 64 | FTC0150 | Authorization password is missing. |
| 0 | 64 | FTC0151 | Only the administrator or owner is permitted to make this modification. |
| 0 | 64 | FTC0152 | The user ID entered is not the user‘s own. |
| 0 | 64 | FTC0175 | The operand “NEW-PASSWORD” may not be entered for *STD. |
| 0 | 64 | FTC0176 | The user ID entered does not exist in the system. |
| 0 | 64 | FTC0255 | A system error occurred. |
SC1/2 = Subcode 1/2 in decimal form
More information can be found in the manual “openFT - Command Interface”.