Bruce Hewson wrote:
>A query for the ICETOOL/RACFICE experts,
>I have been asked to extract all RACF commands issued relating to a specific
>USERID.
>I am not knowledgable enough with ICETOOLS to code this myself quickly.
You will have to learn it. Or post your queries on RACF-L. Perhaps someone from
DFSORT support chimes in here.
This is a two step thing. You first use RACF SMF Unload and then you use the
ICETOOL job.
This process is hungry hungry HUNGRY on disk space, because the compressed SMF
records are expanded. Bit fields are expanded in a full 4 bytes per bit. say
x'01' is expanded into 'YES ' and x'00' to 'NO '.
Or you can go the DB2 way. I have not done that way.
>The current RACFICE examples do not provide a sample for this.
I am not surprised, but I started my life from that RACFICE examples and moved
on.
Perhaps there are DB2 samples for that, I simply don't know or just don't care.
>Extract and report all commands, ADDUSER/ALTUSER/PASSWORD/PERMIT that
>reference USER(xyzzy)
Please note: There are two USER fields involved in a RACF command - Issuer and
subject of the id.
Issuer is on a specific column, but the subject Userid is in a specific column
or specific field depending on the command used.
For commands like PERMIT, you won't get a specific id, but you will need to
examine the 'Keywords Used' and then there you examine the field.
Example for ADDUSER, I have this:
//TOOLIN DD *
SORT FROM(INDD) TO(TEMP0001) USING(ADD1)
DISPLAY FROM(TEMP0001) LIST(PRINT1) -
NOCC -
WIDTH(500) -
TITLE('RACF ADDUSER Report') -
DATE(4MD/) -
TIME(24:) -
PAGE -
BLANK -
ON(63,8,CH) HEADER('Issuer') -
ON(295,20,CH) HEADER('User Name') -
ON(72,8,CH) HEADER('Group') -
ON(32,10,CH) HEADER('Date') -
ON(23,8,CH) HEADER('Time') -
ON(508,8,CH) HEADER('User Id') -
ON(43,4,CH) HEADER('SMFID') -
ON(175,8,CH) HEADER('Terminal') -
ON(184,8,CH) HEADER('Jobname ') -
ON(14,8,CH) HEADER('Result') -
ON(517,200,CH) HEADER('Keywords')
//ADD1CNTL DD *
SORT FIELDS=(5,8,CH,A)
INCLUDE COND=(5,8,CH,EQ,C'ADDUSER ',AND,
32,10,CH,GE,C'2017-01',AND,
508,3,CH,EQ,C'ABC')
OPTION VLSHRT
For ALTUSER I have this example:
SORT FROM(INDD) TO(TEMP0001) USING(ULDF)
DISPLAY FROM(TEMP0001) LIST(PRINT) -
NOCC -
WIDTH(500) -
TITLE('Group Special Users Activity') -
DATE(4MD/) -
TIME(24:) -
PAGE -
BLANK -
ON(63,8,CH) HEADER('Issuer') -
ON(295,20,CH) HEADER('User Name') -
ON(72,8,CH) HEADER('Group') -
ON(32,10,CH) HEADER('Date') -
ON(23,8,CH) HEADER('Time') -
ON(522,8,CH) HEADER('User Id') -
ON(43,4,CH) HEADER('SMFID') -
ON(175,8,CH) HEADER('Terminal') -
ON(184,8,CH) HEADER('Job Name') -
ON(286,8,CH) HEADER('Owner ') -
ON(14,8,CH) HEADER('Result') -
ON(531,200,CH) HEADER('Keywords Used')
//ULDFCNTL DD *
SORT FIELDS=(5,8,CH,A)
INCLUDE COND=(5,8,CH,EQ,C'ALTUSER ',AND,
32,7,CH,GE,C'2017-01',AND,
522,3,CH,EQ,C'ABC')
OPTION VLSHRT
... and so on ...
Good luck. You will really need it! Just shout again if you need more help.
Groete / Greetings
Elardus Engelbrecht
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
