Domain: | SECURITY-ADMINISTRATION, USER-ADMINISTRATION |
Privileges: | STD-PROCESSING, USER-ADMINISTRATION |
The command checks whether and under what conditions a user ID is authorized to perform a personal logon under another user ID.
SHOW-PERSONAL-LOGON-ADMISSION | ||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||
PERSONAL-USER-ID =
Specifies the user IDs whose authorization to perform a personal logon to the IDs specified in the LOGON-USER-ID operand is to be checked.
PERSONAL-USER-ID = *OWN
The authorization for the user’s own user ID is checked.
PERSONAL-USER-ID = *ALL
All the user IDs are checked.
PERSONAL-USER-ID = <name 1..8>
The authorization for the specified user ID is checked.
LOGON-USER-ID =
Specifies the user IDs that are to be checked for whether and under what conditions they allow a personal logon to the user IDs specified in the PERSONAL-USER-ID operand.
LOGON-USER-ID = *ALL
All the user IDs are checked
LOGON-USER-ID = *OWN
The check is performed for the user’s own ID.
LOGON-USER-ID = <name 1..8>
The specified user IDs are checked.
PUBSET =
Specifies the pubset affected by the checks. In general, the only purposeful specification is *HOME (default value).
PUBSET = *HOME
Only the home pubset is checked.
PUBSET = *ALL
All the pubsets are checked.
PUBSET = <cat-id 1..4>
The specified pubsets are checked.
INFORMATION =
Specifies the scope of the output.
INFORMATION = *ATTRIBUTES
The personal user IDs are logged together with the time conditions that apply to the logon user ID. The output is equivalent to that of the /SHOW-ACCESS-ADMISSION command.
INFORMATION = *USER-LIST
A list of user IDs is logged.
OUTPUT =
Specifies the destination for output.
OUTPUT = *SYSOUT
Output is sent to SYSOUT.
OUTPUT = *SYSLST(...)
Output is sent to SYSLST.
SYSLST-NUMBER = *STD / <integer 0..99>
Output to SYSLST (specification *STD) or to a SYSLST file from the set SYSLST01 to SYSLST99.
LINES-PER-PAGE = 64 / <integer 20..255>
Defines after how many output records a new page is to begin. By default, a new page begins after 64 output records.
Note
If PERSONAL-USER-ID=*ALL and/or LOGON-USER-ID=*ALL are specified then the set of user IDs for output depends on the privilege assigned to the caller. The same applies if PERSONAL-USER-ID and/or LOGON-USER-ID are used to select a specific user ID:
A user administrator (USER-ADMINISTRATION privilege) receives information about all user IDs.
Group administrators see only those user IDs that correspond to the logon user IDs of their group members.
All other users see all the information that affects them personally, i.e:
PERSONAL-USER-ID must be either the user’s own logon or personal user ID. LOGON-USER-ID can be any user ID to which the user’s own logon or personal user ID has access authorization.
Command return codes
(SC2) | SC1 | Maincode | Meaning |
0 | CMD0001 | Command executed without errors | |
2 | 0 | SRM6001 | Command executed with a warning |
1 | SRM6010 | Syntax error in the command | |
32 | CMD2009 | System error on output of S variables | |
32 | SRM6020 | System error during command processing | |
64 | OPS0002 | Output of S variables was interrupted | |
64 | SRM6040 | Semantic error during command processing | |
130 | CMD2009 | OPS not available | |
130 | OPS0001 | Not possible to output S variables | |
130 | SRM6030 | Command cannot be processed at the present time |
Output in S variables
The command’s INFORMATION operand specifies the S variables for which values must be entered. The following values are possible for INFORMATION:
Notation in command | Condition in table |
INFORMATION = *ATTRIBUTES | 1 |
INFORMATION = *USER-LIST | 2 |
Output information | Name of the S variable | T | Contents | Condition |
Personal user ID | Var(*LIST).PERSID | S | <name 1..8> | 1 |
Pubset | Var(*LIST).PUBSET | S | <cat-id 1..4> | 1, 2 |
Logon user ID | Var(*LIST).USERID | S | <name 1..8> | 1 |
Logon user IDs | Var(*LIST).USERID(*LIST) | S | <name 1..8> | 2 |
Access permission for the subject | Var(*LIST).USER.ADMIS | S | *NO | 1 |
Definition of the time condition | Var(*LIST).USER.TIME-KIND | S | *ANY | 1 |
Start of the time interval | Var(*LIST).USER.TIME(*LIST).FROM | S | ‘‘ | 1 |
End of the time interval | Var(*LIST).USER.TIME(*LIST).TO | S | ‘‘ | 1 |
Definition of the date condition | Var(*LIST).USER.DATE-KIND | S | *ANY | 1 |
Start of the date interval | Var(*LIST).USER.DATE(*LIST).FROM | S | ‘‘ | 1 |
End of the date interval | Var(*LIST).USER.DATE(*LIST).TO | S | ‘‘ | 1 |
Definition of the weekday condition | Var(*LIST).USER.WEEKDAY-KIND | S | *ANY | 1 |
Weekdays | Var(*LIST).USER.WEEKDAY(*LIST) | S | ‘‘ | 1 |
Access condition for | Var(*LIST).WHEN.ADMIS | S | ‘‘ | 1 |
Definition of the time condition | Var(*LIST).WHEN.TIME-KIND | S | *ANY | 1 |
Start of the time interval | Var(*LIST).WHEN.TIME(*LIST).FROM | S | ‘‘ | 1 |
End of the time interval | Var(*LIST).WHEN.TIME(*LIST).TO | S | ‘‘ | 1 |
Definition of the date condition | Var(*LIST).WHEN.DATE-KIND | S | *ANY | 1 |
Start of the date interval | Var(*LIST).WHEN.DATE(*LIST).FROM | S | ‘‘ | 1 |
End of the date interval | Var(*LIST).WHEN.DATE(*LIST).TO | S | ‘‘ | 1 |
Definition of the weekday condition | Var(*LIST).WHEN.WEEKDAY-KIND | S | *ANY | 1 |
Weekdays | Var(*LIST).WHEN.WEEKDAY(*LIST) | S | ‘‘ | 1 |
Examples
Conditions have been specified in a guard which permit personal logon under the user ID HUGO as follows.
|
The conditions which permit a personal identification with the user ID OTTO under the user ID HUGO are displayed as follows:
|
The corresponding S variables have the following contents:
OPS(*LIST).PERSID = 'OTTO' OPS(*LIST).USERID = 'HUGO' OPS(*LIST).PUBSET = 'A' OPS(*LIST).USER.ADMIS = '*PAR' OPS(*LIST).USER.TIME-KIND = '*ANY' OPS(*LIST).USER.TIME(*LIST).FROM = '' OPS(*LIST).USER.TIME(*LIST).TO = '' *END-OF-VAR OPS(*LIST).USER.DATE-KIND = '*INTERVAL' OPS(*LIST).USER.DATE(*LIST).FROM = '2018-01-01' OPS(*LIST).USER.DATE(*LIST).TO = '2018-12-31' *END-OF-VAR OPS(*LIST).USER.WEEKDAY-KIND = '*INTERVAL' OPS(*LIST).USER.WEEKDAY(*LIST) = '*MONDAY' OPS(*LIST).USER.WEEKDAY(*LIST) = '*TUESDAY' OPS(*LIST).USER.WEEKDAY(*LIST) = '*WEDNESDAY' OPS(*LIST).WHEN.ADMIS = '*PAR' OPS(*LIST).WHEN.TIME-KIND = '*INTERVAL' OPS(*LIST).WHEN.TIME(*LIST).FROM = '07:00' OPS(*LIST).WHEN.TIME(*LIST).TO = '20:00' *END-OF-VAR OPS(*LIST).WHEN.DATE-KIND = '*ANY' OPS(*LIST).WHEN.DATE(*LIST).FROM = '' OPS(*LIST).WHEN.DATE(*LIST).TO = '' *END-OF-VAR OPS(*LIST).WHEN.WEEKDAY-KIND = '*INTERVAL' OPS(*LIST).WHEN.WEEKDAY(*LIST) = '*MONDAY' OPS(*LIST).WHEN.WEEKDAY(*LIST) = '*TUESDAY' OPS(*LIST).WHEN.WEEKDAY(*LIST) = '*WEDNESDAY' OPS(*LIST).WHEN.WEEKDAY(*LIST) = '*THURSDAY' OPS(*LIST).WHEN.WEEKDAY(*LIST) = '*FRIDAY' *END-OF-VAR