This document describes the Natural Security features supported by Natural Advanced Facilities and how these features can be used.
Under Natural Security, there are three types of Natural Advanced Facilities users:
A NATSPOOL
system administrator is either an owner of the
library SYSPOOL
, as defined in Natural Security, or, if no owner
has been defined for SYSPOOL
, a user defined as administrator
(user type A) in Natural Security.
System administrators can access all NATSPOOL
functions,
unless certain restrictions have been imposed within NATSPOOL
itself.
If any owners are defined in Natural Security for library
SYSPOOL
, users defined as administrators (user type
A
) but not defined as owners are group administrators.
Group administrators can perform administrative functions, too, but only within the group(s) they belong to. The Natural Security administrator must define valid group IDs and define which users are members of which groups by using the User Maintenance functions of Natural Security (see the Natural Security documentation). The group administrator must be a member of the corresponding group(s).
End-users are users who are neither defined as system administrators nor as group administrators.
Depending on which user type invokes NATSPOOL
with startup
program MENU
, different menus are displayed.
Time 12:31:03 *** Natural Spool Administration *** Date 2002-10-17 User SAG M e n u File 7/411 Administration Information 10 Reports/Queues 20 Cross-Reference 11 Devices 21 Statistics 12 Abstracts 22 Look at Spool File 13 Applications 23 CALLNAT Handling 14 Change Spool File Maintenance Control Functions 30 Spool File Properties 40 Check Spool File 31 Objects 41 Logging Data 32 Mass Update 42 Create Test Reports 33 Hardcopy Allocations 43 Delete Reports by Date 34 Transfer Objects Enter function, mark with cursor, or press a PF-key. Command ===> Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12--- Help Exit Repor Devic Flip Abstr Appli Cross Stati Look Canc |
The NATSPOOL
menu for system administrators under Natural
Security corresponds to the NATSPOOL
menu without Natural
Security.
If Natural Security has not been installed, all users of Natural Advanced Facilities are system administrators.
For users defined as group administrators or end-users, the
NATSPOOL
menu provides only a subset of the functions available
for the system administrator.
Time 12:34:25 *** Natural Spool Administration *** Date 2002-10-17 User SAG M e n u File 7/411 10 Reports/Queues 11 Devices 12 Abstracts 13 Applications Enter function, mark with cursor, or press a PF-key. Command ===> Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12--- Help Exit Repor Devic Abstr Appli |
When accessing objects, such, as printers or reports, the
corresponding subfunctions are restricted. The restrictions imposed by Natural
Security can be further restricted by NATSPOOL
itself.
If Natural Security is installed, it is possible to use different
NATSPOOL
user profiles for different libraries without leaving the
Natural session. This is accomplished by entering a SPOOL
parameter (a user profile name) in the SPOOL
profile field in the
library security profile in Natural Security.
The user profile specified in the SPOOL
parameter of the
library security profile should contain the same number of printers as used for
the NTPRINT
macro or PRINT
parameter. At the beginning of a Natural session, Natural executes a
GETMAIN (REQM)
for the number of printers specified. If the
default is 3 (for example, NTPRINT (1-3),AM=NAF)
and a library
which has a user profile with 4 printers specified is accessed, only 3 can be
used. This is because GETMAIN (REQM)
is only executed at the
beginning of the Natural session.
At logon time it is checked whether a SPOOL
parameter has been specified for the library. A blank value for the
SPOOL
parameter causes the usage of the user profile
which was activated at the start of the Natural session. If the SPOOL parameter
is different from the previous one, the corresponding logical printers are
re-initialized.
The maximum number of logical printers contained in the
NTPRINT
macro or PRINT
parameter
at Natural startup time is taken into account. Therefore, during the
initialization by using the user profile specified with Natural Security, there
are three possibilities as to how many printer profiles will be changed:
If the new number of logical printers is equal to the old number of logical printers, all logical printers will be re-initialized.
If the new number of logical printers is less than the old number of logical printers, only the new number of logical printers will be re-initialized. All the other logical printers will be deleted.
If the new number of logical printers is greater than the old number of logical printers, all numbers of logical printers will be initialized.
Any attempt to write to a printer which has a number greater than those initialized results in error message NAT0361 (printer number not allocated).
Usage of the functions provided on the NATSPOOL
menu can
be restricted by disallowing the appropriate Natural modules in the library
security profile of library SYSPOOL
.
The modules can be restricted on a global basis by modifying the
library security profile of SYSPOOL
. Further control can be
exercised on an individual basis by defining individual special links
to SYSPOOL
for individual users.
The NATSPOOL
functions are contained in the following
Natural modules:
NATSPOOL Function | Function Code | Natural Module |
---|---|---|
Reports/Queues | 10 | SPPREP* |
Devices | 11 | SPPPSE* |
Abstracts | 12 | SPPSES* |
Applications | 13 | SPPAPC* |
Change Spool File | 14 | SPPCSF* |
Entire Output Management | 15 | SPPEOM01 |
Cross-Reference | 20 | SPPCR* |
Statistics | 21 | SPPSTA* |
Look at Spool File | 22 | SPPLOO* |
CALLNAT Handling | 23 | SPPUSP* |
Layout of Spool File | 30 | SPPFIL* SPPFOR* |
Objects | 31 | SPPUSE* SPPSEL01 SPPHCO01 |
Mass Update | 32 | SPPMA* |
Hardcopy Allocations | 33 | SPPHC* |
Transfer Objects | 34 | SPPTRF* |
Check Spool File | 40 | SPPCHE* |
Logging Data | 41 | SPPLGG* |
Create Test Report(s) | 42 | SPPTREP* |
Delete Reports by Date | 43 | SPPRBT* |
Regardless of whether Natural Security is installed, the following
NATSPOOL
internal security features apply:
- Report Protection
Reports can be protected both when being displayed in online mode and when being printed. See Function 31.2.
- Object Protection
Objects can be protected both when being modified or used. See Function 31.7.