This function is used to maintain Adabas SAF Security system settings.
To display the System Settings menu:
Select service 0 from the main menu.
17:38:21 ***** A D A B A S SAF SECURITY SERVICES 8.2.1 ***** 2011-03-03 - System Settings - A10000M1 Code Service ---- --------------------- 1 LFILE 152 Maintenance 2 SAF Security Settings . Exit ---- --------------------- Code..: _ Command ==> Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12--- Help Exit Menu |
Select option 1 to view or modify the current configuration file.
Select option 2 to view or modify the SAF Security settings for SYSAAF when using this configuration file.
To customize the use of LFILE 152:
Select service 1 from System Settings menu or enter the command 0.1 on a command line.
17:55:48 ***** A D A B A S SAF SECURITY SERVICES 8.2.1 ***** 2011-03-03 - System Settings - A10000M1 +----------------------------------------------------------------+ | 17:55:49 LFILE 152 Maintenance 2011-03-03 | | U1LFILM2 | | | | Current Settings for LFILE 152: | | | | Original LFILE = ( 152 , 135 , 157 ) | | Current LFILE = ( 152 , 135__ , 157__ ) | | (effective only for this Natural session) | | | | Default pop-up settings: | | Do you want to see this window again ? | | - for the current SYSAAF session... Y | | - for future SYSAAF sessions....... Y | | | | PF3 Exit PF5 Update/Confirm | | | +----------------------------------------------------------------+ Command ==> Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12--- Help Exit Menu |
The LFILE 152 Maintenance window appears.
In the Original LFILE field, the database and file number are displayed for the configuration file that was allocated to LFILE 152 at the start of your current SYSAAF session.
These values were allocated to LFILE 152 using the static Natural parameter NTLFILE 152,.. or the dynamic Natural parameter LFILE=(152,..). For more information about specifying LFILE 152, see the installation instructions relevant to your operating system.
In the Current LFILE field, you can change the database and file number to access a different configuration file. Specify the new configuration file database and file number, if necessary.
Review the default settings.
The LFILE 152 Maintenance window is displayed whenever an online services function is selected that accesses the configuration file, making it possible for the user to access multiple configuration files from within a single Natural session.
You may choose to deactivate the LFILE 152 Maintenance window and thus the possibility of changing the configuration file for just the current session or for all future sessions.
Regardless of the options you choose, you can always modify those choices by invoking the LFILE 152 Maintenance function from System Settings.
To customize SAF Security settings:
Select service 2 from System Settings menu or enter the command 0.2 on a command line.
18:39:45 ***** A D A B A S SAF SECURITY SERVICES 8.2.1 ***** 2011-03-03 - Main Menu - A1MAINM1 +----------------------------------------------------------------+ | 18:39:47 SAF Security Settings 2011-03-03 | | U1SAFSM1 | | | | Protect SYSAAF with SAF Security: Y (Y/N) | | System Coordinator Daemon Group : CORGROUP | | | | Action if no daemon available (mark one): | | Disallow all functions: _ | | Allow read functions only: _ | | Allow all functions: X | | | | | | | he | | by | PF3 Exit PF5 Update/Confirm | COR Syste | | - +----------------------------------------------------------------+ Command ==> 0.2 Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12--- Help Exit Prods Vers |
The SAF Security Settings screen appears.
By default, "Protect SYSAAF with SAF Security" appears as N. To activate SAF protection for SYSAAF:
Set "Protect SYSAAF with SAF Security" to Y
Specify the name of the System Coordinator group that contains the daemon configured for Adabas SAF Security. The group and daemon must already be defined (see the Adabas System Coordinator documentation section Maintain Daemon Groups).
Select the desired behavior when no daemon is available or the security service in the daemon is not available:
Disallow all functions:
SYSAAF cannot be used until a the daemon security service is available
Allow read functions only:
SYSAAF activity displays can be used, but functions that require update access, such as server restart, are not allowed
Allow all functions:
SYSAAF can be used without restriction.
You must restrict who has update access to AAF.SETTINGS. Anyone with update access can deactivate SAF security checking, or switch to a configuration file with no SAF security settings.
In an emergency (for example, wrong security definitions or the daemon is unexpectedly unavailable and you selected "Disallow all functions"), you can sign on to Natural as user DBA and set "Protect SYSAAF with SAF Security" to N until the emergency has passed. Security checking of SAF Security Settings is bypassed for user DBA. Obviously you should restrict access to user DBA.