TAA Tools

The  Revoke   Duplicate  IFS  Authority   command  checks   or  revokes
duplicate  authorities to the  *PUBLIC user of  IFS objects.   You must
first  run CVTIFSAUT  to create an  outfile of authorizations.   If the
authorization for  a user is  the same  as the *PUBLIC  profile, it  is
considered a  duplicate (except  for the owner).   If the  *PUBLIC user
is  specified as  *AUTL, the  authorizations from  the *AUTL  are used.
Duplicates because of Group Profiles  are not considered.  The  default
is to 'check' (a listing if produced).

*ALLOBJ special authority is required.

A typical series of commands would be:

             CVTIFSAUT   OBJ('/xxx') OUTLIB(QTEMP)
             RVKDUPIFSA  LIB(yyy)

Because  the  default  for  the OPTION  parameter  is  *CHECK,  only  a
listing  would be  produced.   After reviewing  the listing,  you could
remove the duplicates with:


If  you  want  to   follow  OPTION(*REVOKE)  with  another   RVKDUPIFSA
command, you  must  first run  CVTIFSAUT again  to get  the outfile  of
current authorities.

RVKDUPIFSA escape messages you can monitor for

      TAA9891    The IFSAUTP file does not exist.

Escape messages from based on functions will be re-sent.

RVKDUPIFSA Command parameters                         *CMD

   OPTION        The  option  to  be  used.    The  default  is  *CHECK
                 meaning  that  no  authorizations  are  changed  and a
                 listing is output.

                 *REVOKE  may  be specified  to  revoke  the  duplicate
                 authorizations.    Only the  duplicate  authorizations
                 to the object are revoked.

                 Only  duplicate  authorizations  for  a specific  user
                 (other than  the owner)  are compared  to the  *PUBLIC
                 user.   If  the *PUBLIC  user is  specified as  *AUTL,
                 the  authorizations  from the  *AUTL  are  used.   Not
                 considered are duplicates for group profiles.

   PRTPUBLIC     An  option  for  whether  the  *PUBLIC  user  of  each
                 object will  always be  listed.   The default is  *ALL
                 to  list the  *PUBLIC user.    This provides  at least
                 one line per object.

                 *DUP  may be  specified to  list the  *PUBLIC user for
                 only those objects which have duplicates.

   PRTDETAIL     An option  for  whether  to list  just  the  duplicate
                 user  authorizations or  all  authorized  users.   The
                 default  is  *DUP  to  print  a  single  line  for  an
                 authorized user if duplicate authorities exist.

                 *ALL may  be  specified to  print  all users  who  are

   LIB           The library where  the IFSAUTP file exists.   The file
                 must  have  been  created  by  the CVTIFSAUT  command.
                 *LIBL is the default.   A specific library or  *CURLIB
                 may be specified.

   MBR           The  member of  the  IFSAUTP file  to  be used.    The
                 default is  IFSAUTP.  A  specific member may  be named
                 if it was output by the CVTIFSAUT command.

   OUTPUT        How  to  output  the results.    * is  the  default to
                 display the  spooled file  if the  command is  entered
                 interactively.   The spooled file is  deleted after it
                 is displayed.

                 If  the  command  is entered  in  batch  or  *PRINT is
                 specified, the spooled  file is  output and  retained.


  **   *ALLOBJ special authority is required.

  **   Group profiles are not considered.

  **   The maximum path length processed is 5000 bytes.


The following TAA Tools must be on your system:

     CHKALLOBJ       Check *ALLOBJ special authority
     RTVSYSVAL3      Retrieve system value 3
     SNDCOMPMSG      Send completion message
     SNDESCINF       Send escape information
     SNDESCMSG       Send escape message


None, the tool is ready to use.

Objects used by the tool

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   RVKDUPIFSA    *CMD                   TAAIFTO       QATTCMD
   TAAIFTOC      *PGM       CLP         TAAIFTOC      QATTCL
   TAAIFTOC2     *PGM       CLP         TAAIFTOC2     QATTCL
   TAAIFTOR      *PGM       RPG         TAAIFTOR      QATTRPG

Added to TAA Productivity tools August 1, 2008

Home Page Up to Top