Perry, I am to publish an article in IBM Knowledge Base on this topic. Here are the details that might help you :
The format of an "UV.ACCESS" record is : AMC Column Label S/M Comment -------------------------------------------------------------------------------------------------------------------- 0 @ID Function Single a String recognized by the UniVerse administration tool concerned (1) 1 Users Users Multivalued System login authorized for the corresponding Function with the privileges listed in field "Privileges" 2 Privileges Privileges Multivalued value = "READ" or "WRITE" : a unique pair of character strings mentionning the SQL rights granted for the corresponding administrative Function for the administrators listed in the "Users" field -------------------------------------------------------------------------------------------------------------------- (1) This string is hard coded in the product tools for these processes, which are setup by default in the "UV.ACCESS" file The good point you ask about is regarding the number of multivalues in the 2nd field of the record. Per my understanding, the actual logic of the internal function querying the special permissions appears someway curious in that it does not give an option to setup access rights per user, but only for all the users listed in field #1. In your example, if you want to add to a specific user (I'll name it "UVTLRADM") the ability to Activate-Deactivate files for logging, the following would be sufficient : >CT UV.ACCESS LOG_ACT LOG_ACT 0001 uvadm}root}NT AUTHORITY\system}UVTLRADM 0002 READ}WRITE But, it you want to revoke the "NT AUTHORITY\system" user this right, you would have : >CT UV.ACCESS LOG_ACT LOG_ACT 0001 uvadm}root}UVTLRADM 0002 READ}WRITE ==== Hope this will help. Hervi BALESTRIERI Support Technique Avanci - Produits "U2" ------- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/