Original Message:
Sent: Wed March 27, 2024 05:35 PM
From: Rob van Hoboken
Subject: Carla - zSecure Network and Complex Identification on one line
define #HPW('PW',3,str$blank('HPW')) boolean where has_password=yes
results in a normal, non-statistic field, so SUMMARY shows unique combinations of profile and #HPW: if a user ID has a password on 5 systems, and no password on one, you will get 2 lines in the report.
If however you turn in into a statistic:
define #HPW('PW',3,str$blank('HPW')) max(has_password)
this field will show HPW if any of the user IDs has a password: True is stored as 1, False as 0, so the max( ) is 1 (True) if any profile has 1. It would not indicate on WHICH complexes a password was issued, but would indicate THAT there are some, maybe all.
Also, you could add a column COUNT to show how many instances of the user ID were found on all the complexes you accessed.
Original Message:
Sent: 3/27/2024 5:23:00 PM
From: Scott Lahner
Subject: RE: Carla - zSecure Network and Complex Identification on one line
Thanks Rob! Couple questions:
What if I defined a variable - define #HPW('Has_PW',6) boolean where has_password=yes and then added that to my sum - sum profile(8,"User ID") passdate(10,usdate,max) in_a in_b #hpw. And lets say in Complex A USERIDA has_password=yes but in Complex B USERIDA has_password=blank. How does Carla know what value to populate in #HPW?
And lets say I added has_password,max to my sum - sum profile(8,"User ID") passdate(10,usdate,max) in_a in_b has_password('Has_Pw',6,max) - would Carla always find the entry with YES because it's the highest value?
------------------------------
Scott Lahner
Original Message:
Sent: Wed March 27, 2024 12:49 PM
From: Rob van Hoboken
Subject: Carla - zSecure Network and Complex Identification on one line
The SUMMARY command can be used to get identically named profiles (users) on a single line. You can use boolean fields to add information about the complex where the profile originated. Suppose you have the RACF input sources tagged with ALLOC COMPLEX=A and ALLOC COMPLEX=B. Or, you omit the COMPLEX and the SYSTEM ID or RRSF NODE will be used as default complex.
newlist type=racf
define in_A(str$blank("A"),8,"A") boolean where complex=A
define in_B(str$blank("B"),8,"B") boolean where complex=B
select class=user segment=base HAS_PASSWORD=YES
sum profile(8,"User ID") passdate(10,usdate,max) in_a in_b
That means you have to tailor the define commands with the complex names you have in the system. The SUM command should have only one normal field (profile) and all other fields should be statistics, either by defining the fields as a boolean, or by adding modifier MAX after the field. If you mistakenly add a normal field to the SUM line-up, and the field has different values on the complexes, you will have multiple lines for the same user ID.
No, the complex names are not easily concatenated into a single field with commas.
Also, an ALL indicator does not easily come to mind.
------------------------------
Rob van Hoboken
------------------------------