The AAFCMD tool provides operation and reporting functions for Adabas SAF Security v8.4.1 running in an Adabas nucleus, an Adabas Audit Server, an Adabas Event Replicator Server, or an Adabas System Coordinator daemon.
AAFCMD is invoked using Natural in batch mode.
Note:
This documentation frequently refers to a “database” as being the target of AAFCMD
requests. Please note that this can be an instance of an Adabas nucleus, an Adabas Audit
Server, an Adabas Event Replicator Server, or an Adabas System Coordinator daemon.
In a batch Natural environment
use AAFCMD as the program name;
define the Natural printer CMPRT01
;
execute the utility from the required SYSMXvrs library.
The syntax of the AAFCMD service commands is as follows:
command [keyword(s)]
Each line of input to the Natural batch program must contain at least a command and the
DBID
keyword. The DBID
keyword must refer to a database running
Adabas SAF Security version 8.4.1. Some commands require the use of additional keywords. All
combinations are defined later in this section.
The commands and keywords can be entered in any order. Extra, unnecessary keywords are ignored and listed with a warning. In the event of missing keywords, the command is not executed and the missing keywords are listed.
Note:
Depending on the configuration parameter AAFCMD
on the target DBID, the AAFCMD functions may be subject
to a security check on the target to make sure the user ID has access to perform the desired
function. Resource names are the same as when protecting SYSAAF Online Services using a
System Coordinator daemon (except that a daemon is not required here, the checking is done
on the target DBID). For more information, see Resource Names for
ADASAF.
The following commands can be used:
STATS |
Displays overview information about security activity in the selected database.
If the optional |
LIST |
Displays all SAF user IDs that are stored in the security server for the selected database. |
FILES |
Displays cached file information for the client session associated with a given SAF user ID in the selected database. |
RESET |
Reset statistics and discard cached authorizations for a given SAF user ID in the selected database. |
LOGOFF |
Log off a given SAF user ID from the security system in the selected database. All security information is discarded. |
RESTART |
Restart the security service in the selected database. All cached security information is discarded and the security service is restarted. |
PARMS |
Displays the security parameters currently in effect for the selected database. |
FIXES |
Displays the applied Adabas SAF Security fixes to the selected database. |
The following keywords are available:
Keyword | Description |
---|---|
DBID |
Mandatory for all requests and actions. The database number of the database running Adabas SAF Security for which statistics or actions are required. |
USERID |
Optional. The SAF user ID in the selected database that is the subject of the action or query. |
NUCID |
Optional. For use when the target DBID is an Adabas Cluster Services or Adabas Parallel Services instance and a specific nucleus ID is required. |
The STATS
command provides statistics at the database or daemon
security service level. It is the equivalent of SYSAAF Menu option 1, System Statistics. For
more information about SYSAAF option 1, see System
Statistics.
If used in conjunction with the USERID
keyword,
STATS
provides functionality equivalent to SYSAAF Menu option
2, SAF User ID statistics, sub-function S (statistics). For more information about SYSAAF
Menu option 2, see SAF User ID
Statistics.
COMMAND | EXPLANATION |
---|---|
STATS DBID=12345 |
Display security service level statistics for database 12345. |
STATS DBID=12345 USERID=USER1 |
Display SAF user ID level statistics for USER1 on database 12345. |
The LIST
command displays all SAF user IDs currently active on a
database. It is the equivalent of SYSAAF Menu option 2, SAF User ID statistics.
For more information about SYSAAF Menu option 2, see SAF User ID Statistics.
COMMAND | EXPLANATION |
---|---|
LIST DBID=12345 |
Display all active SAF user IDs on database 12345. |
The FILES
command displays the internal communication ID for the
Adabas client session, the Cross Level ID under which the client session is operating, the
effectiveness of ADASAF's cache for this client session, and the cached files and access
levels currently held for the selected database for the given SAF user ID.
A SAF user ID may have more than one cache entry, for example when accessing a database from different jobs.
It is the equivalent of SYSAAF Menu option 2, SAF User ID statistics, sub-function C (cached files). For more information, see SAF User ID Cached Files (for databases)
COMMAND | EXPLANATION |
---|---|
FILES DBID=12345 USERID=USER2 |
Display all cached file information for USER2 on database 12345. |
The RESET
command resets a SAF user ID’s statistics and discards
cached authorizations.
It is the equivalent of SYSAAF Menu option 2, SAF User ID statistics, sub-function R (reset).
COMMAND | EXPLANATION |
---|---|
RESET DBID=12345 USERID=USER3 |
Reset statistics and discard cached authorizations for USER3 on database 12345. |
The LOGOFF
command logs the SAF user ID off from the security
system, completely discarding all security information.
It is the equivalent of SYSAAF Menu option 2, SAF User ID statistics, sub-function L (logoff).
COMMAND | EXPLANATION |
---|---|
LOGOFF DBID=12345 USERID=USER4 |
Log USER4 completely off the security system on database 12345. |
The RESTART
command restarts your security service in the
specified nucleus or daemon. All cached security information is discarded and security
operation is restarted.
It is the equivalent of SYSAAF Menu option 6, Server Restart. For more information about SYSAAF Menu option 6, see Server Restart
COMMAND | EXPLANATION |
---|---|
RESTART DBID=12345 |
Restart the security service in database 12345. |
The PARMS
command displays the System Parameters in effect for
the security service.
It is the equivalent of SYSAAF Menu option 8, System Parameters. For more information about SYSAAF Menu option 8, see System Parameters
COMMAND | EXPLANATION |
---|---|
PARMS DBID=12345 |
Display the System Parameters in effect for database 12345. |
The FIXES
command displays the applied to the database Adabas
SAF Security maintenance fixes.
It is the equivalent of SYSAAF Menu option 3, Fix Display. For more information about SYSAAF Menu option 3, see Fix Display
COMMAND | EXPLANATION |
---|---|
FIXES DBID=12345 |
Display Adabas SAF Security fixes applied to database 12345. |
The following table lists all AAFCMD command and keyword combinations, along with the Natural program that performs the function. Natural security can be applied as required.
Command | Keywords | Program |
---|---|---|
STATS |
DBID= |
A15110P |
DBID= NUCID= |
A15110P |
|
DBID= USERID= |
A15110P |
|
DBID= USERID= NUCID= |
A15110P |
|
LIST |
DBID= |
A15200P |
DBID= NUCID= |
A15200P |
|
FILES |
DBID= USERID= |
A15300P |
DBID= USERID= NUCID= |
A15300P |
|
RESET |
DBID= USERID= |
A15400P |
DBID= USERID= NUCID= |
A15400P |
|
LOGOFF |
DBID= USERID= |
A15500P |
DBID= USERID= NUCID= |
A15500P |
|
RESTART |
DBID= |
A15600P |
DBID= NUCID= |
A15600P |
|
PARMS |
DBID= |
A15700P |
DBID= NUCID= |
A15700P |
|
FIXES |
DBID= |
A15800P |
DBID= NUCID= |
A15800P |