IBM Security Z Security

 View Only
  • 1.  Reporting on the contents of the NAME field

    Posted Fri February 24, 2023 12:59 PM

    Two questions:

    1. I have some administration activity happening where when new User IDs are being created the NAME field is being set to the User ID itself, or the name field contains the User ID.    I have tried to code various SELECT statements to select when the NAME equals the User ID or the NAME contains the User ID.    But so far, I am unsuccessful.    Any tips?
    2. We use Command Verifier a lot to prevent unwanted administration activities.    I don't think there is a way to code up a Command Verifier profile to prevent this activity from happening?



    ------------------------------
    Linnea Sullivan
    ------------------------------


  • 2.  RE: Reporting on the contents of the NAME field

    Posted Sat February 25, 2023 06:04 AM
    Edited by Jeroen Tiggelman Sat February 25, 2023 06:05 AM

    Hi Linnea,

    As to the first, that seems to call for a field-field compare between KEY and NAME.

    Because KEY is also to a large extent treated as a keyword by SELECT in TYPE=RACF I think it is best to lead the clause with NAME.

    That is:

    N TYPE=RACF
    S C=USER S=BASE NAME==KEY
    SORTLIST KEY

    Regards,



    ------------------------------
    Jeroen Tiggelman
    Software Development and Level 3 Support Manager IBM Security zSecure Suite
    IBM
    Delft
    ------------------------------



  • 3.  RE: Reporting on the contents of the NAME field

    Posted Mon February 27, 2023 03:32 AM

    2) Indeed there is no policy to control the contents of the name field. There is a policy to restrict update the the name field, but nothing for the contents.



    ------------------------------
    Guus Bonnes
    ------------------------------