This section covers the following topics:
The Retrieval subsystem of Natural Security can be used to retrieve information on the objects defined to Natural Security and on the existing relationships between these objects. It allows you to review the existing security profile definitions and their effects.
With Retrieval, you cannot do any Natural Security maintenance; you may only look at things.
To invoke retrieval functions:
On the Main Menu, select Retrieval.
A window will be displayed.
In this window, mark an object type with a character or with the cursor (and, if you wish, use the Start Value and Type/Status options as described in the section Finding Your Way In Natural Security).
The selection list for that object type will be displayed.
The list can be scrolled as described under Finding Your Way In Natural Security.
From the list, you can invoke the following retrieval functions (possible code abbreviations are underlined):
| Code | Function | Explanation |
|---|---|---|
DI |
Display | These functions are the same as those described in the appropriate maintenance sections for each object type. |
XR |
Cross-Reference | These functions are described below for each object type. |
To invoke a specific function for an object, you mark the object with the appropriate function code in column Co on the selection list.
You may select various objects for various functions at the same time; that is, you can mark several objects on the screen with a function code. For each object marked, the appropriate processing screen will be displayed. You may then perform for one object after another the selected functions.
This function allows you to obtain the following information about a user:
a list of all base and compound applications to which a user is linked;
a list of all libraries available to a user;
a list of all DDMs/files a user's private library is linked to;
a list of all groups a user belongs to;
a list of all users contained in a given group;
a list of all security profiles owned by a user;
a list of all DDM/file security profiles where the user is "DDM Modifier";
a list of all external objects to which a user is linked;
the user-specific functional security specifications for the command processors for which functional security is defined for the user.
a list of all utility profiles defined for a user.
To do so:
On the User Retrieval selection list, mark the
user in question with function code XR.
A window will be displayed, in which you can select one or more of the following items by marking them with any character:
| Applications | Displays a list of all base and compound applications to which the user is linked. |
|---|---|
| Libraries | Displays a list of all libraries available to the user. |
| Linked Libraries | Displays a list of all libraries to which the user is linked (directly or via a group). |
| DDMs / Files | Displays a list of all DDMs to which the user's private library is linked. |
| Groups / Members | Displays a list of all groups to which the user belongs; if the user is a group, a list of all users contained in that group will be displayed. |
| Owned Objects | Displays a list of all security profiles of which the user is an owner. |
| DDM Modifier | Displays a list of all DDM/file security profiles in which the user is specified as "DDM Modifier". |
| External Objects | Displays a list of all external objects to which the user is linked. |
| Command Processors | Displays the functional security specifications for each command processor for which functional security is defined for the user. |
| Utilities | Displays a list of all user-specific and user-library specific utility profiles defined for the user. |
This function allows you to obtain the following information about a library:
a list of all DDMs a library is linked to;
a list of all users linked to a library;
the functional security specifications for the command processors in the library.
a list of all utility profiles defined for a library.
To do so:
On the Library Retrieval selection list, mark
the library in question with function code XR.
A window will be displayed, in which you can select one or more of the following items by marking them with any character:
| DDMs / Files | Displays a list of all DDMs to which the library is linked. |
|---|---|
| Users | Displays a list of all users who are linked to the library. |
| Command Processors | Displays the functional security specifications for each command processor in the library for which functional security is defined. |
| Utilities | Displays a list of all library-specific and user-library specific utility profiles defined for the library. |
This function is only available on mainframe computers. It allows you to ascertain which libraries are linked to a file.
To do so:
On the File Retrieval selection list, mark the
file in question with function code XR.
A window will be displayed, in which you can select one or both of the following items by marking them with any character:
| Libraries | Displays a list of all libraries which are linked to the file. |
|---|---|
| Private Libraries | Displays a list of all users whose private libraries are linked to the file. |
This function allows you to ascertain which utility profiles exist for a utility.
To do so:
On the Utility Retrieval selection list, mark
the utility in question with function code XR.
A window will be displayed, in which you can select one or more of the following items by marking them with any character:
| Library-Specific Profiles | Displays a list of all library-specific profiles defined for this utility (as well as the utility's default profile). |
|---|---|
| User-Specific and User-Library-Specific Profiles | Displays a list of all user-specific profiles and user-library-specific profiles defined for this utility. |
| All Profiles | Displays a list of all user-specific profiles, library-specific profiles and user-library-specific profiles, as well as the default profile defined for this utility. |
This function allows you to ascertain which users are linked to an application.
To do so:
On the Application Retrieval selection list,
mark the application in question with function code XR.
A list of all users who are linked to the application will be displayed.
This function allows you to ascertain which users are linked to an external object.
To do so:
On the Retrieval selection list for a type of
external object, mark the object in question with function code
XR.
A list of all users who are linked to the external object will be displayed.
This function allows you to ascertain which users and libraries a mailbox is assigned to.
To do so:
On the Mailbox Retrieval selection list, mark
the mailbox in question with function code XR.
A window will be displayed, in which you can select one or both of the following items by marking them with any character:
| Libraries | Displays a list of all libraries to which the mailbox is assigned. |
|---|---|
| Users | Displays a list of all users to which the mailbox is assigned. |
You can obtain all retrieval information for all objects of a certain
object type at the same time. For this purpose, the library SYSSEC
provides the program RETRIEVE. This program performs the Display
and Cross-Reference functions for all objects of a certain object type; that
is, it shows Display and Cross-Reference information for all selected
objects.
The following information can be obtained:
Output 1: a list of all selected objects, with basic information about each object.
Output 2: display of security profiles of the selected objects.
Output 3: cross-reference information about the selected objects.
Output 4: display of security profiles of special links between users and libraries.
Various input parameters allow you to restrict the functions to a
certain range of objects, and to determine the sequence in which the
information is to be output. The input parameters for RETRIEVE
are:
| 1st Parameter |
Object type:
|
|
| 2nd Parameter |
|
|
| 3rd Parameter |
Start value: An object name (optionally with asterisk notation) to obtain information on a certain range of objects only. |
|
| 4th and 5th Parameters |
Date from/to: A range of dates to obtain information only on objects created/last modified within a specific period of time. |
|
| 6th Parameter |
Function: Determines which information is output, and the output sequence: |
|
S |
Output 1. | |
A |
Output 1, then Output 2 & 3 for one object, then Output 2 & 3 for the next object, etc. | |
AE |
Output 1, then Output 2, 3 & 4 for one object, then Output 2, 3 & 4 for the next object, etc. | |
X |
Output 3. | |
XE |
Output 3 & 4 for one object, then Output 3 & 4 for the next object, etc. | |
D |
Output 1, then Output 2 for every object. | |
Z |
Output 1, then Output 2 for every object, then Output 3 for every object. | |
ZE |
Output 1, then Output 2 for every object, then Output 3 for every object, then Output 4 for every object. | |
The program RETRIEVE is primarily intended for use in batch
mode. However, by issuing the direct command
RETRIEVE, you can also invoke it online: a menu will
be displayed for you to specify the selection options.