Perry,
I am to publish an article in IBM Knowledge Base on this topic. Here are
the details that might help you :
The format of an "UV.ACCESS" record is :
AMC Column Label S/M Comment
--------------------------------------------------------------------------------------------------------------------
0 @ID Function Single a String recognized by the
UniVerse administration tool concerned (1)
1 Users Users Multivalued System login authorized for the
corresponding Function with the privileges
listed in field "Privileges"
2 Privileges Privileges Multivalued value = "READ" or "WRITE" : a
unique pair of character strings mentionning
the SQL rights granted for the
corresponding administrative Function for
the administrators listed in the
"Users" field
--------------------------------------------------------------------------------------------------------------------
(1) This string is hard coded in the product tools for these processes,
which are setup by default in the "UV.ACCESS" file
The good point you ask about is regarding the number of multivalues in the
2nd field of the record.
Per my understanding, the actual logic of the internal function querying
the special permissions appears someway curious in that it does not give an
option to setup access rights per user, but only for all the users listed
in field #1.
In your example, if you want to add to a specific user (I'll name it
"UVTLRADM") the ability to Activate-Deactivate files for logging, the
following would be sufficient :
>CT UV.ACCESS LOG_ACT
LOG_ACT
0001 uvadm}root}NT AUTHORITY\system}UVTLRADM
0002 READ}WRITE
But, it you want to revoke the "NT AUTHORITY\system" user this right, you
would have :
>CT UV.ACCESS LOG_ACT
LOG_ACT
0001 uvadm}root}UVTLRADM
0002 READ}WRITE
====
Hope this will help.
Hervi BALESTRIERI
Support Technique Avanci - Produits "U2"
-------
u2-users mailing list
u2-users@listserver.u2ug.org
To unsubscribe please visit http://listserver.u2ug.org/
