Hi Adam,
No, this use case is not currently possible.
FORALL support is limited to exactly what is described in the user reference manual. There is no special support for digital certificates.
It is interesting that you are thinking of !KEY_MODIFIERS, but I think you should simply submit your real requirement if you want us to consider how to best support this use case.
Regards,
--Jeroen
(In my mind, !KEY_MODIFIERS is there to ensure you target the right profile, when you might have multiple profiles with the same KEY, for example because you are looking at discrete profiles. I could see that there might also be a case for targeting field names (like DIGTCERT_LABEL) in the record in general. And there might be a third way to go about this. :-) )
------------------------------
Jeroen Tiggelman
Software Development and Level 3 Support Manager IBM Security zSecure Suite
IBM
Delft
------------------------------
Original Message:
Sent: Fri October 09, 2020 09:41 AM
From: Adam Klinger
Subject: zSecure "FORALL" Command in RA.5.1 (Certificates)
Greetings,
I'm trying to see if the "FORALL" zSecure Command can be used to generate RACDCERT DELETE commands based on the results of a query in RA.5.1 (RACF --> RACDCERT --> Certificates) and the "Digital certificate labels" field as it's needed for the commands.
When trying to use !KEY, this contains the serial number, etc. I believe !KEY_MODIFIERS would be needed to some degree, but I haven't figured out how to incorporate this so that the "digtcert_label" CARLa field is used.
Is this use-case currently possible, and if so how?
------------------------------
Adam Klinger
------------------------------