Safeguard Management Programming Manual Abstract This publication describes the Safeguard management programming interface. It is intended for programmers and security administrators. Product Version Safeguard G06, H04 Supported Release Version Updates (RVUs) This manual supports G06.21 and all subsequent G-series RVUs and H06.04 and all subsequent H-series RVUs until otherwise indicated by its replacement publication.
Document History Part Number Product Version Published 422086-008 Safeguard G06, H03 May 2006 422086-009 Safeguard G06, H03 July 2006 422086-010 Safeguard G06, H03 August 2006 422086-011 Safeguard G06, H03 November 2006 422086-012 Safeguard G06, H04 February 2007
Safeguard Management Programming Manual Glossary Index What’s New in This Manual ix Manual Information ix New and Changed Information Figures Tables ix About This Manual xiii Who Should Read This Manual xiii Organization of This Manual xiii Related Reading xiv Notation Conventions xiv 1. Introduction Objects Controlled by Safeguard 1-1 Safeguard Management Functions 1-1 Safeguard Architecture and Interfaces 1-4 2.
. Elements of SPI Messages (continued) Contents 4. Elements of SPI Messages (continued) Other Tokens 4-6 Constructs Involving Multiple Tokens 4-8 Components of a Command 4-8 Components of a Response 4-8 Components of an Event Message 4-8 5. SPI Programming Considerations Building the Command Buffer 5-1 Discontinuing a Command in Progress 5-2 Receiving and Decoding the Response Buffer Error Handling 5-3 Security 5-3 5-2 6.
7. Commands (continued) Contents 7.
7. Commands (continued) Contents 7. Commands (continued) SUSPEND ALIAS Command 7-191 SUSPEND PROTECTIONRECORD Command SUSPEND TERMINAL (LU) Command 7-195 SUSPEND USER Command 7-197 7-193 8.
8. Event Management (continued) Contents 8. Event Management (continued) ZSFG-EVT-EXIT-REPLY-ERROR 8-49 ZSFG-EVT-EXIT-REPLY-INV 8-51 ZSFG-EVT-SMON-LOST-SMP 8-54 ZSFG-EVT-CMON-MISSING 8-56 ZSFG-EVT-VIRT-OBJFILE-DOWN 8-58 ZSFG-EVT-FILE-LOCKED 8-60 ZSFG-EVT-SEGALLOC-ERR 8-62 ZSFG-EVT-POOLDEFINE-ERR 8-64 ZSFG-EVT-POOLGETSPACE-ERR 8-66 ZSFG-EVT-MAX-LIMIT-CON-UA-REQ 8-69 ZSFG-EVT-MAX-CON-UA-REQ-EXCEED 8-71 ZSFG-EVT-THRESHOLD-CON-UA-REQ 8-73 ZSFG-EVT-CONUA-BELOW-THRESHOLD 8-75 A.
Contents A. Error Numbers and Error Lists (continued) A.
Contents A. Error Numbers and Error Lists (continued) A.
Tables (continued) Contents Tables (continued) Table 2-1. Table 6-1. Table 6-2. Table 6-3. Table 7-1. Table 7-2. Table 8-1. Table 8-2. Table 8-3. Table 8-4. Table 8-5.
What’s New in This Manual Manual Information Safeguard Management Programming Manual Abstract This publication describes the Safeguard management programming interface. It is intended for programmers and security administrators. Product Version Safeguard G06, H04 Supported Release Version Updates (RVUs) This manual supports G06.21 and all subsequent G-series RVUs and H06.04 and all subsequent H-series RVUs until otherwise indicated by its replacement publication.
What’s New in This Manual • ° ° Changes to the H06.
What’s New in This Manual Changes to the H06.
What’s New in This Manual • Changes to the H06.06 Manual Updated to include support of the password encryption feature for G-series RVUs under: ° ° $SYSTEM.SAFE.CONFIGP on page 3-1 ° ° ° ° ZSFG-TKN-PSWD-MIN-LENGTH on page 7-90 ZSFG-TKN-PSWD-ALGTHM under the ALTER SUBSYSTEM command on page 7-88 and the INFO SUBSYSTEM command on page 7-155 ZSFG-TKN-PSWD-ENCRYPT on Page 7-90 ZSFG-TKN-PSWD-ALGORITHM on Page 7-99 Note on the EMS message on page 8-22 Changes to the H06.
About This Manual This manual describes the token-oriented programmatic interface for the Safeguard subsystem. This interface is based on the Subsystem Programmatic Interface (SPI).
Related Reading About This Manual Table i. Contents of this manual Section Title Contents (continued) 6 Common Definitions Provides standard definitions for SPI, EMS, and data communications. 7 Commands Describes Safeguard programmatic commands and responses. 8 Event Management Describes event messages issued by the Safeguard subsystem. Appendix A Error Numbers and Error Lists Lists the Safeguard error numbers and describes the corresponding error lists.
General Syntax Notation About This Manual This requirement is described under Backup DAM Volumes and Physical Disk Drives on page 3-2. General Syntax Notation This list summarizes the notation conventions for syntax presentation in this manual. UPPERCASE LETTERS. Uppercase letters indicate keywords and reserved words. Type these items exactly as shown. Items not enclosed in brackets are required. For example: MAXATTACH lowercase italic letters.
General Syntax Notation About This Manual braces on each side of the list, or horizontally, enclosed in a pair of braces and separated by vertical lines. For example: LISTOPENS PROCESS { $appl-mgr-name } { $process-name } ALLOWSU { ON | OFF } | Vertical Line. A vertical line separates alternatives in a horizontal list that is enclosed in brackets or braces. For example: INSPECT { OFF | ON | SAVEABEND } … Ellipsis.
Notation for Messages About This Manual !i and !o. In procedure calls, the !i notation follows an input parameter (one that passes data to the called procedure); the !o notation follows an output parameter (one that returns data to the calling program). For example: CALL CHECKRESIZESEGMENT ( segment-id , error ) ; !i !o !i,o. In procedure calls, the !i,o notation follows an input/output parameter (one that both passes data to the called procedure and returns data to the calling program).
Notation for Management Programming Interfaces About This Manual [ ] Brackets. Brackets enclose items that are sometimes, but not always, displayed. For example: Event number = number [ Subject = first-subject-value ] A group of items enclosed in brackets is a list of all possible items that can be displayed, of which one or none might actually be displayed.
Change Bar Notation About This Manual lowercase letters. Words in lowercase letters are words that are part of the notation, including Data Definition Language (DDL) keywords. For example: token-type !r. The !r notation following a token or field name indicates that the token or field is required. For example: ZCOM-TKN-OBJNAME !o. token-type ZSPI-TYP-STRING. !r The !o notation following a token or field name indicates that the token or field is optional.
Change Bar Notation About This Manual Safeguard Management Programming Manual—422086-012 xx
1 Introduction This manual describes the token-oriented programmatic interface to the Safeguard software. The Safeguard software is a group of programs that supplements the security features of the operating system. It is a powerful tool that provides a comprehensive security system using authentication, authorization, and auditing: • • • Authentication: Allows you to verify a user name and password when a user requests access to the system.
Safeguard Management Functions Introduction Table 1-1. Safeguard Subsystem Management Commands (page 2 of 3) Command (zcom-cmd- ) Object Type (zcom-obj-) Description (SAFECOM command) add user Adds user authentication records. alias Adds user alias authentication records. group Adds group definition records. prot Adds object protection records. rmtpassw Adds remote passwords. fileset Adds an audit pool. LU Adds a terminal definition. proc Adds an event-exit configuration record.
Safeguard Management Functions Introduction Table 1-1. Safeguard Subsystem Management Commands (page 3 of 3) Command (zcom-cmd- ) Object Type (zcom-obj-) Description (SAFECOM command) info user Retrieves attributes of a user. alias Retrieves attributes of an alias. group Retrieves group definition records prot Retrieves attributes of protection records. rmtpassw Retrieves attributes of remote passwords. subsystem Retrieves attributes of the Safeguard subsystem.
Introduction Safeguard Architecture and Interfaces Safeguard Architecture and Interfaces The Safeguard software consists of a number of processes and security database files. The processes cooperate to manage the contents of the security database, to authenticate users, and to authorize all attempts to access protected objects.
2 Management Programming for the Safeguard Subsystem As the previous section describes, there are interactive and programmatic interfaces to the Safeguard subsystem. In some situations, the programmatic interfaces are preferable to the interactive interfaces: • • It is efficient to transfer as many routine network-management tasks as possible to programs running on the network itself, freeing operators and other networkmanagement personnel to do other work.
Management Programming for the Safeguard Subsystem Communicating With the Safeguard Subsystem 1. Establishing communication with $ZSMP 2. Calling SPI procedures to build the desired message 3. Sending the message 4. Receiving the response to the message 5. Checking for error codes and handling any errors 6. Decoding the response 7. Taking appropriate action and returning to Step 2, if necessary 8.
Management Programming for the Safeguard Subsystem Event Messages Event Messages In addition to sending commands and receiving responses, a management application can obtain notification of events that occur in the Safeguard subsystem. This notification is in the form of event messages issued by the Safeguard subsystem. An event message describes an event such as a hardware or software error or the completion of an operation.
Management Programming for the Safeguard Subsystem Commands That a Management Application Can Issue Safeguard Management Programming Manual—422086-012 2 -4
3 Communicating With the Subsystem This section describes how an application communicates with the Safeguard subsystem through the Subsystem Control Point (SCP) or directly with the Safeguard manager process $ZSMP. The Safeguard subsystem does not receive event messages, but it does generate them. Section 8, Event Management, discusses event messages. For more information about the SCP, see the SPI Common Extensions Manual.
Communicating With the Subsystem Definition Files all the SMON processes with a priority of 199. The Safeguard software also creates audit files when they are needed. Note. The Safeguard SPI allows for, but does not require, the use of the Subsystem Control Point (SCP) process as the gateway to the programmatic interface. Thus, Safeguard SPI follows SCP implementation standards and uses the SCP ZCOM enumerated values for commands, object types, and some common errors.
Processes Addressed Communicating With the Subsystem • • The definition file for any other subsystems with which your Safeguard management application communicates. Other definition files used by a particular subsystem if your application needs them. An example of this type of file would be one defining tokens in pass-through error lists if the application examines these error lists.
Communicating With the Subsystem Safeguard Management Programming Manual—422086-012 3 -4 Processes Addressed
4 Elements of SPI Messages You can use the Subsystem Programmatic Interface (SPI) for sending commands to and decoding responses from the Safeguard subsystem and for obtaining event messages issued by the Safeguard subsystem (through EMS.) For the procedures used by an application to perform these tasks, see the SPI Programming Manual. For a description of using SPI messages to communicate with the Safeguard subsystem through SCP, see the SPI Common Extensions Manual.
Object Types Elements of SPI Messages The Safeguard subsystem supports the following commands: ACTIVATE GETVERSION RELEASE SWITCH ADD INFO SELECT SUSPEND ALTER LISTOBJECTS STATUS DELETE LISTOPENS STOP For more information about these commands, see Section 7, Commands. Object Types Every header also contains a token ZSPI-TKN-object-type, whose value is set to ZCOM-OBJ-object-type using SSINIT.
Elements of SPI Messages Object Names Users User objects are identified in one of three ways: • • • By their group name.member name By their group number,member number (ASCII character string) By their user ID in integer form. The integer user ID must be prefixed with the special delimiter two byte character string "==". The object name length is four bytes. TAL examples: ! the first word of the object name is the length INT .objectName[ 0:9 ]; ! user object name in the form .
Object Names Elements of SPI Messages • • • • SUBPROCESS DEVICE SUBDEVICE OBJECTTYPE (used for objecttypes and security groups) Some examples of names using the object type descriptor are DEVICE.$TAPE, PROCESS.$NULL, and SUBDEVICE.$SNAX.#LU1. You can use the object type descriptor with wild-card names. Some examples would be DISKFILE.*, OBJECTTYPE.*, and PROCESS.*. Using these examples, you can direct a command to a specific type of protection record; for example ALTER PROCESS.* or INFO DISKFILE.*.
Object Names Elements of SPI Messages returns the three diskfiles: DISKFILE.$DATA2.JATER.TEST DISKFILE.$DATA1.JATER.TEST DISKFILE.$DATA.JATER.TEST • INFO DISKFILE-PATTERN.$DATA.JATE?.T* returns the diskfile pattern $DATA.JATE?.T*. • INFO DISKFILE-PATTERN.*$DATA*.J*.T* (with the ZCOM-TKN-SUB token specified to ZCOM-VAL-SUB-ALL) returns the three diskfile patterns: $DATA2.J*.T* $DATA1.JA???.TEST $DATA.JATE?.T* For more information on diskfile patterns, see the Safeguard User’s Guide.
Elements of SPI Messages Event Numbers card character in either the subvolume or filename element of the filename, but the characters will be treated as exact characters, not search characters. • • The ZCOM-TKN-SUB must be used to indicate wild cards in a diskfile-pattern filename are to be treated as search characters. This token cannot be used with the ADD command.
Elements of SPI Messages Other Tokens Simple Tokens Simple tokens—tokens whose values are single fields or fixed structures—are identified by token codes. The token codes for the simple tokens used by the Safeguard subsystem are represented by symbolic names in the form ZSFG-TKNname, where name identifies the token code. For example, the token code ZSFG-TKNPASSWORD identifies a simple token that contains a password.
Elements of SPI Messages Constructs Involving Multiple Tokens Boolean data type. Throughout this manual, when a field is described, its field type is given. Constructs Involving Multiple Tokens The Safeguard subsystem supports data lists and error lists as described in the SPI Programming Manual. Components of a Command For each Safeguard command and the tokens it contains, see Section 7, Commands.
5 SPI Programming Considerations The SPI Common Extensions Manual discusses general programming considerations for writing applications that use the Subsystem Programmatic Interface (SPI) to communicate with subsystems like the Safeguard subsystem. This section discusses SPI programming considerations specific to the Safeguard subsystem. Building the Command Buffer These programming considerations apply when an application builds the command buffer for a Safeguard command.
SPI Programming Considerations • • • • • Discontinuing a Command in Progress ZSFG-MAP-REMOVE-OWNERS ZSFG-MAP-OWNERLIST ZSFG-TKN-AUDITFILENUMBER ZSFG-TKN-MEMBERNAME ZSFG-TKN-REMOVE-MEMBERNAME If any of the other tokens in a command appear more than once, the Safeguard subsystem returns the error ZCOM-ERR-TKN-DUP. Discontinuing a Command in Progress For a discussion of general programming considerations for discontinuing a command in progress, see the SPI Common Extensions Manual.
SPI Programming Considerations Error Handling no value is specified for this token, the Safeguard subsystem returns a response record for every object. Note. For commands such as the INFO command, whose purpose is to return information, using ZSPI-TKN-RESPONSE-TYPE to request the return only of those response records for objects for which errors or warnings occurred can result in no information being returned.
SPI Programming Considerations Safeguard Management Programming Manual—422086-012 5 -4 Security
6 Common Definitions This section introduces the definitions that apply to the multiple commands, responses, and event messages you can use in a management application that communicates with the Safeguard subsystem: • • • • SPI standard definitions EMS standard definitions Data communications standard definitions Safeguard specific standard definitions The SPI standard definitions and Safeguard definitions are the sources of definitions for tokens used in the programmatic interface to the Safeguard sub
SPI Standard Definitions Common Definitions Table 6-1.
EMS Standard Definitions Common Definitions Table 6-1. SPI Standard Definitions (page 2 of 2) ZSPI-TYP-TIMESTAMP ZSPI-TYP-UINT Value Names ZSPI-VAL-TRUE ZSPI-VAL-FALSE ZSPI-VAL-TANDEM ZSPI-VAL-ZSFG For more information about all the SPI standard definitions, see the SPI Programming Manual. EMS Standard Definitions Definitions whose names begin with ZEMS- are Event Management Service (EMS) standard definitions.
Data Communications Standard Definitions Common Definitions For more information about all the EMS standard definitions, see the EMS Manual. For information about EMS standard definitions specific to the Safeguard subsystem, see Section 8, Event Management. Data Communications Standard Definitions Definition names beginning with ZCOM- are data communications standard definitions.
Common Definitions Data Communications Standard Definitions Table 6-3. Data Communications Standard Definitions (page 2 of 2) ZCOM-CMD-LISTOBJECTS ZCOM-CMD-GETVERSION ZCOM-CMD-SWITCH ZCOM-CMD-RELEASE Table 6-3 does not list data communications error numbers or definitions used only in error lists. For a description of all data communications standard definitions and error numbers, refer to the SPI Common Extensions Manual.
Safeguard-Specific Standard Definitions Common Definitions Safeguard-Specific Standard Definitions Definition names beginning with ZSFG- are Safeguard definitions. These definitions consist of simple tokens and extensible structured tokens used in Safeguard commands and responses. These definitions are available to all Safeguard management applications and are located in the ZSPIDEF.ZSFGDDL definition files. For more information, see Definition Files on page 3-2.
Specifying Operands Common Definitions SEL-OPERAND tokens, with array elements matching the order in which the ZSPI-TKN-SEL-OPERAND tokens are listed. That is, the first such token is element 1 in the operand array, the second token is element 2 in the array, and so on. This exactly corresponds to the token index as defined for the SSGET procedure. (See the SPI Programming Manual.
Specifying Expressions Common Definitions If ZTKNCODE contains ZSPI-TKN-SEL-CONSTANT, that constant must be defined using the ZSPI-TKN-SEL-CONSTANT token. ZSPI-TKN-SEL-CONSTANT has the following format: ZSPI-TKN-SEL-CONSTANT token-type ZSPI-TYP-BYTESTRING For comparisons with the GROUPID or PRIMARY-GROUPID operands, the ZSPITKN-SEL-CONSTANT token always contains a group number. The token value consists of six bytes: • • The first two bytes contain the length of the constant value that follows.
Examples Common Definitions Examples This series of examples illustrates how to use the selection tokens to specify WHERE GROUP options. For simplicity, the diagrams do not show the first two bytes of ZSPITKN-SEL-EXPRESSION, which indicate the length of the expression.
Examples Common Definitions Constant Array Index (1) ZSPI-TKN-SEL-CONSTANT ZVALUE = 300 (2) ZSPI-TKN-SEL-CONSTANT ZVALUE = 364 ZSPI-TKN-SEL-EXPRESSION: 2 1 EQUAL-ANY 2 1 EQUAL-ANY OR EXAMPLE 3: WHERE (GROUP-ID = 300 AND GROUP-ID = 364) & OR PRIMARY-GROUP-ID =252 Operand Array Index (1) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZSFG-TKN-GROUPID ZINDEX = 1 (2) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZSFG-TKN-PRIMARYGROUPID ZINDEX = 1 (3) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZSFG-TKN-CONSTANT INDEX =
7 Commands This section describes the syntax and semantics for all commands and responses in the programmatic control-and-inquiry interface.
Command Descriptions Commands Note. The Safeguard subsystem does not differentiate between sensitive and nonsensitive commands. Table 7-2 lists all the commands available in the programmatic control-and-inquiry interface to the Safeguard subsystem. This table also indicates the commands accepted by each object. Command Null Subsystem User Alias Group Protection Record Remote Pass-word Audit Pool (Fileset) Event Exit (Process) Terminal (LU) Table 7-2.
ACTIVATE ALIAS Command Commands Each required field of an extensible structured token must have a value other than its null value. Optional fields can have a value other than the field's null value, but it is not required. ACTIVATE ALIAS Command The ACTIVATE ALIAS command thaws a user alias authentication record.
ACTIVATE ALIAS Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ACTIVATE ALIAS command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ACTIVATE PROTECTIONRECORD Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is invalid. The error list identifies the invalid subsystem ID. ZCOM-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. ACTIVATE PROTECTIONRECORD Command The ACTIVATE PROTECTIONRECORD command thaws object protection records.
ACTIVATE PROTECTIONRECORD Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the ACTIVATE PROTECTION command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs while accessing the $volume.SAFE.GUARD file, accessing the $SYSTEM.SAFE.
ACTIVATE TERMINAL (LU) Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZSFG-ERR-PAT-MISSING-ALL is returned if the ZCOM-TKN-SUB token value is not ZCOM-VAL-SUB-ALL for a diskfile-pattern protection record ALTER, DELETE, SUSPEND(FREEZE), INFO, LISTOBJECTS, or ACTIVATE(THAW) command that contains a wildcard in the pattern-spec volume name.
ACTIVATE TERMINAL (LU) Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ACTIVATE TERMINAL command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ACTIVATE USER Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is invalid. The error list identifies the invalid subsystem ID. ACTIVATE USER Command The ACTIVATE USER command thaws user authentication records.
ACTIVATE USER Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ACTIVATE USER command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ADD ALIAS Command Commands ZCOM-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. ADD ALIAS Command The ADD ALIAS command adds a user alias (logical user) authentication record to the Safeguard database.
ADD ALIAS Command Commands ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
ADD ALIAS Command Commands ZSFG-TKN-PSWD-EXPIRY-GRACE ZSFG-TKN-CI-XFNAME ZSFG-TKN-CI-LIB-XFNAME ZSFG-TKN-CI-NAME ZSFG-TKN-CI-PCPU ZSFG-TKN-CI-SWAP ZSFG-TKN-CI-PRI ZSFG-TKN-CI-PARAM-TEXT token-type token-type token-type token-type token-type token-type token-type token-type ZSPI-TYP-INT ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-CHAR6 ZSPI-TYP-INT ZSPI-TYP-STRING ZSPI-TYP-INT ZSPI-TYP-STRING ZSFG-TKN-INIT-DIR ZSFG-TKN-INIT-PROGNAME ZSFG-TKN-INIT-PROGTYPE ZSFG-TKN-DESC-TXT ZSFG-TKN-DESC-BIN token-type tok
ADD ALIAS Command Commands ZSFG-MAP-USERID is a required structured token that specifies the user ID to be associated with the alias record being added. It contains the following fields: ZGROUPNUM the group number portion of the user ID. ZUSERNUM the member number portion of the user ID. ZSFG-MAP-OWNERID is an optional structured token that specifies the owner of the alias record being added.
ADD ALIAS Command Commands ZGROUPNUM is the group number portion of the owner ID. ZUSERNUM is the member number portion of the owner ID. ZNODENUM is the Expand node number portion of the owner ID. ZSFG-TKN-PASSWORD is an optional token that specifies 8 characters password of the alias being added. The default password is null, or no password. ZSFG-TKN-PASSWORD64 is an optional token that specifies 64 characters password of the alias being added. The default password is null, or no password.
ADD ALIAS Command Commands ZSFG-TKN-PSWD-EXPIRES is an optional token that establishes a date and time after which the password for this alias expires. The default expiration date is null, or no expiration date. ZSFG-TKN-PSWD-MUST-CHANGE is an optional token that specifies the maximum number of days that the alias can use the same password. The default is 0, which indicates that the password can be used indefinitely.
ADD ALIAS Command Commands ZSFG-VAL-AUDIT-LOCAL Only unsuccessful attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Not meaningful; remote authentication is not supported. ZSFG-VAL-AUDIT-NONE Unsuccessful attempts are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-AUDIT-ACCESS-FAIL is the same as ZSFG-TKN-AUDIT-AUTHEN-FAIL. If you supply both tokens, ZSFG-TKN-AUDIT-AUTHEN-FAIL takes precedence.
ADD ALIAS Command Commands ZSFG-VAL-AUDIT-LOCAL Only unsuccessful management attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Only unsuccessful management attempts from a remote system are audited. ZSFG-VAL-AUDIT-NONE Unsuccessful management attempts are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-AUDIT-USER-ACTN-PASS is an optional token that specifies the audit action taken for successful events performed by the alias.
ADD ALIAS Command Commands ZSFG-VAL-AUDIT-NONE Unsuccessful are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-DEFAULT-FROZEN is an optional Boolean token that specifies a default state (frozen or thawed) applied for any files created by the alias. ZSFG-MAP-DEFAULT-OWNERID is an optional structured token that specifies the default owner of any default protection records created for the alias. It contains the same fields described earlier for ZSFG-MAP-OWNERID.
ADD ALIAS Command Commands ZSFG-TKN-CI-NAME is an optional token that specifies the CI's process name. ZSFG-TKN-CI-SWAP is an optional token that specifies the CI's SWAP volume. ZSFG-TKN-CI-PRI is an optional token that specifies the CI's priority. ZSFG-TKN-CI-PARAM-TEXT is an optional token that specifies the CI's startup parameter text. ZSFG-TKN-INIT-DIR is an optional token that specifies the name of the initial HP NonStop Open System Services (OSS) directory for the alias.
ADD ALIAS Command Commands ZSFG-TKN-DESC-BIN is an optional token that specifies a binary description to be associated with the alias record. This token is provided for documentation purposes only and has no affect on the alias. The binary description field can be up to 2048 bytes long. The binary description field is structured so that it can be shared by multiple vendors. See Appendix B, Example of Sharing a Binary Description Field, for an example.
ADD ALIAS Command Commands ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to execute the ADD ALIAS command. The rules for who can manage alias security are defined in the Safeguard Reference Manual. ZCOM-ERR-SPI-ERR is returned if one of the procedures (for example, SSGETTKN) returned an error. The SPI error list defines the procedure in error, the error status, and the token involved. ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error.
ADD ALIAS Command Commands The error list token ZSFG-TKN-MAX-ACES defines the currently supported maximum access control entries (ACEs). ZSFG-ERR-MAX-OWN-EXCEEDED Note. The ZSFG-ERR-MAX-OWN-EXCEEDED command is supported only on systems running G06.27 and later G-series RVUs and H06.07 and later H-series RVUs. is returned if the number of ZSFG-MAP-OWNER-LIST tokens exceeds the maximum allowed by Safeguard.
ADD ALIAS Command Commands • Space Safeguard Management Programming Manual—422086-012 7- 24
ADD AUDIT POOL (FILESET) Command Commands ADD AUDIT POOL (FILESET) Command The ADD AUDIT POOL command defines (adds) a new audit pool and optionally specifies disk allocation attributes that govern the number and size of audit files that can reside in the audit pool. These attributes can either be explicitly specified, or copied in their entirety from an existing audit pool. The ADD AUDIT POOL command fully allocates all of the files (MAXFILES) of the pool.
ADD AUDIT POOL (FILESET) Command Commands ZSFG-TKN-SECONDARYEXTENT is an optional token that specifies the secondary extent size, in 2048-byte pages, of the audit files that will be created in this audit pool. ZSFG-TKN-MAXEXTENTS is an optional token that specifies the maximum number of file extents that each audit file in this audit pool is to contain. ZSFG-TKN-MAXFILES is an optional token that specifies the maximum number of audit files that can reside in the audit pool being added.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-FS-ERR is returned if a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZSFG-ERR-INTERNAL is returned when an internal error occurs within the Safeguard software. This error should never occur and is included here only for completeness.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands Command-Specific Tokens in the Command Buffer ZCOM-TKN-OBJNAME is the name of the event exit for which this configuration record is being created. ZSFG-TKN-ENABLED is an optional token that specifies whether the event exit is to be started. The default is FALSE. If ZSFG-TKN-ENABLED is set to TRUE, ZSFG-TKN-PROGFNAME must contain the name of the object file to be run.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ZSFG-TKN-PROC-NAME is an optional token that specifies the process name to be assigned to the eventexit process. If no name is specified and ZSFG-TKN-ENABLED is set to TRUE, the Safeguard software generates a process name. The default is no process name. ZSFG-TKN-SWAP-FNAME is an optional token that specifies the swap volume to be used with the event-exit process. The default is the same volume that contains the object program file for the event-exit process.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands structured token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-OBJ-ALRDY-DEF is returned if the specified event exit ZCOM-TKN-OBJNAME already exists. ZCOM-ERR-OBJNAME-INV is returned if the specified event exit ZCOM-TKN-OBJNAME is invalid.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-TKN-REQ is returned when a required token is missing. ZSFG-ERR-CANT-START-PROCESS is returned when the event-exit process cannot be started because of a failure from Processs_Create_. ZSFG-ERR-MAX-PROC-EXCEEDED is returned if more than one event-exit process configuration record is specified. ZSFG-ERR-PROGFILE-REQUIRED is returned if an attempt is made to enable the event-exit process when no object program file name has been specified.
ADD GROUP Command Commands ADD GROUP Command The ADD GROUP command adds a group definition record to the Safeguard database. Command ZCOM-CMD-ADD Object Type ZCOM-OBJ-GROUP Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSFG-MAP-OWNERID def ZSFG-DDL-OWNERID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM end.
ADD GROUP Command Commands ZCOM-TKN-OBJNAME is a required token that contains the group name of the new group to be added. ZSFG-MAP-OWNERID is an optional structured token that specifies the owner of the group record being added. It contains these fields: ZTYPEID specifies the type of user ID defined by ZGROUPNUM and ZUSERNUM. This field must contain one of these values: ZSFG-VAL-TYPEID-LOCALSPECIFIC ZSFG-VAL-TYPEID-REMOTESPECIFIC ZGROUPNUM is the group number portion of the owner ID.
ADD GROUP Command Commands the ADD GROUP command, an error list containing a warning can be returned even when ZSPI-TKN-RETCODE has the value ZCOM-ERR-OK. These errors or warnings can occur in response to the ADD GROUP command: ZCOM-ERR-OBJ-ALRDY-DEF is returned if the specified group name ZCOM-TKN-OBJNAME has already been defined. ZCOM-ERR-OBJNAME-INV is returned if the specified group name ZCOM-TKN-OBJNAME is invalid. ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid.
ADD PROTECTIONRECORD Command Commands ZSFG-ERR-GROUP-ID-NOTFOUND is returned if an internal error occurs while attempting to update a member's group list. ZSFG-ERR-GROUP-NAME-NOTFOUND is returned if an internal error occurs while attempting to update a member's group list. ADD PROTECTIONRECORD Command This command adds an object protection record to the Safeguard database.
ADD PROTECTIONRECORD Command Commands ZSFG-MAP-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-TYPE specifies the type of protection record. This field must contain one of these values: ZSFG-VAL-TYPE-VOLUME ZSFG-VAL-TYPE-SUBVOLUME ZSFG-VAL-TYPE-DISKFILE ZSFG-VAL-TYPE-PAT-DISKFILE ZSFG-VAL-TYPE-DEVICE ZSFG-VAL-TYPE-SUBDEVICE ZSFG-VAL-TYPE-PROCESS ZSFG-VAL-TYPE-SUBPROCESS ZSFG-VAL-TYPE-OBJECTTYPE ZSFG-VAL-TYPE-OBJECTTYPE is used for both OBJECTTYPE records and security group records.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-PERSIST is an optional token that is valid only for ZSFG-VAL-TYPE-DISKFILE. This token specifies the persistence attribute of a protection record that allows the protection record to persist even though the file is purged. The default value is FALSE. ZSFG-TKN-PROGID is an optional token that is valid only for ZSFG-VAL-TYPE-DISKFILE. This token specifies the PROGID attribute of a program object file. The default value is FALSE.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-AUDIT-MANAGE-PASS is an optional token that specifies the audit action taken for successful attempts to manage (update or view) a protection record. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL All successful management attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only successful management attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Only successful management attempts from a remote system are audited.
ADD PROTECTIONRECORD Command Commands ZSFG-VAL-TYPEID-REMOTEANYONE ZSFG-VAL-TYPEID-NODESPECIFIC ZSFG-VAL-TYPEID-NODEGROUP ZSFG-VAL-TYPEID-NODEANYONE • • • • • • • • • ZGROUPNUM specifies the group number of users who are granted or denied access to the object. ZUSERNUM specifies the member number of users who are granted or denied access to the object. ZREAD specifies read access authority. ZWRITE specifies write access authority. ZEXECUTE specifies execute authority.
ADD PROTECTIONRECORD Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ADD PROTECTIONRECORD command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ADD PROTECTIONRECORD Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-TKN-DUP is returned if the same token is invalidly specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid.
ADD REMOTEPASSWORD Command Commands ZSFG-ERR-ORPHANED-ACL is returned when the ACL is configured so that no owner has the authority to modify it. ZSFG-ERR-VOL-NONEXISTENT is returned when a specified volume does not exist. ZSFG-ERR-PAT-BAD-VOLNAME is returned when a pattern-spec volume name contains a wildcard for a diskfile-pattern protection record ADD command. ZSFG-ERR-TRUSTNONOBJ is returned when a TRUST operation is requested for a disk file that is not an object file.
ADD REMOTEPASSWORD Command Commands Command-Specific Tokens in the Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT are common standard tokens that are documented in the SPI Programming Manual. ZCOM-TKN-OBJNAME is a required token containing the user or alias name and system. If a user name is specified, its form is user-name\system-name. For example: USER1.
ADD REMOTEPASSWORD Command Commands ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user portion of ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified user name and system (ZCOM-TKN-OBJNAME) is invalid. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the ADD REMOTEPASSWORD. For the rules for who can manage user records, see the Safeguard Reference Manual.
ADD TERMINAL (LU) Command Commands ADD TERMINAL (LU) Command The ADD TERMINAL (LU) command adds a terminal definition to the Safeguard database.
ADD TERMINAL (LU) Command Commands ZSFG-TKN-CI-LIB-XFNAME is an optional token that specifies the library (if any) associated with the aforementioned CI. ZSFG-TKN-CI-PCPU is an optional token that specifies the primary CPU where the CI is to be started. ZSFG-TKN-CI-NAME is an optional token that specifies the CI's process name. ZSFG-TKN-CI-SWAP is an optional token that specifies the CI's SWAP volume. ZSFG-TKN-CI-PRI is an optional token that specifies the CI's priority.
ADD TERMINAL (LU) Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version, and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
ADD TERMINAL (LU) Command Commands ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid value. ZCOM-ERR-TKN-REQ is returned when a required token is missing. ZSFG-ERR-MAX-LUS-DEFINED is returned when the maximum number of terminals is already defined.
ADD USER Command Commands ADD USER Command The ADD USER command adds a user-authentication record to the Safeguard database. Command ZCOM-CMD-ADD Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSFG-TKN-LIKE-OBJNAME token-type token-type token-type token-type token-type token-type token-type ZSFG-MAP-USERID def ZSFG-DDL-USERID 02 ZGROUPNUM 02 ZUSERNUM end.
ADD USER Command Commands ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
ADD USER Command Commands ZSFG-TKN-CI-SWAP ZSFG-TKN-CI-PRI ZSFG-TKN-CI-PARAM-TEXT ZSFG-TKN-INIT-DIR ZSFG-TKN-INIT-PROGNAME ZSFG-TKN-INIT-PROGTYPE ZSFG-TKN-DESC-TEXT ZSFG-TKN-DESC-BIN token-type token-type token-type token-type token-type token-type token-type token-type ZSPI-TYP-STRING ZSPI-TYP-INT ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-ENUM ZSPI-TYP-STRING ZSPI-TYP-STRING token-type token-type token-type token-type token-type token-type token-type ZSPI-TYP-LIST.
ADD USER Command Commands ZGROUPNUM is the group number portion of the user ID. ZUSERNUM is the member number portion of the user ID. ZSFG-MAP-OWNERID is an optional structured token that specifies the primary owner of the user record being added. It contains these fields: ZTYPEID specifies the type of user ID defined by ZGROUPNUM and ZUSERNUM. This field must contain one of these values: ZSFG-VAL-TYPEID-LOCALSPECIFIC ZSFG-VAL-TYPEID-REMOTESPECIFIC ZGROUPNUM is the group number portion of the owner ID.
ADD USER Command Commands ZUSERNUM is the member number portion of the owner ID. ZNODENUM is the Expand node number portion of the owner ID. ZSFG-TKN-PASSWORD is an optional token that specifies 8 characters password of the user being added. The default password is null, or no password. ZSFG-TKN-PASSWORD64 is an optional token that specifies 64 characters password of the alias being added. The default password is null, or no password.
ADD USER Command Commands ZSFG-TKN-PSWD-EXPIRES is an optional token that establishes a date and time after which the password for this user expires. The default expiration date is null, or no expiration date. ZSFG-TKN-PSWD-MUST-CHANGE is an optional token that specifies the maximum number of days a user can use the same password. The default is 0, which indicates that the password can be used indefinitely.
ADD USER Command Commands ZSFG-VAL-AUDIT-LOCAL Only unsuccessful attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Not meaningful; remote authentication is not supported. ZSFG-VAL-AUDIT-NONE Unsuccessful attempts are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-AUDIT-ACCESS-FAIL is the same as ZSFG-TKN-AUDIT-AUTHEN-FAIL. If you supply both tokens, ZSFG-TKN-AUDIT-AUTHEN-FAIL takes precedence.
ADD USER Command Commands ZSFG-VAL-AUDIT-LOCAL Only unsuccessful management attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Only unsuccessful management attempts from a remote system are audited. ZSFG-VAL-AUDIT-NONE Unsuccessful management attempts are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-AUDIT-USER-ACTN-PASS is an optional token that specifies the audit action taken for successful operations performed by the user.
ADD USER Command Commands ZSFG-VAL-AUDIT-NONE Unsuccessful operations are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-DEFAULT-FROZEN is an optional Boolean token that specifies a default state (frozen or thawed) that is applied for any files created by the user. ZSFG-MAP-DEFAULT-OWNERID is an optional structured token that specifies the default owner of any protection records created automatically for the user. It contains the same fields described previously for ZSFG-MAP-OWNERID.
ADD USER Command Commands ZSFG-TKN-CI-NAME is an optional token that specifies the CI's process name. ZSFG-TKN-CI-SWAP is an optional token that specifies the CI's SWAP volume. ZSFG-TKN-CI-PRI is an optional token that specifies the CI's priority. ZSFG-TKN-CI-PARAM-TEXT is an optional token that specifies the CI's startup parameter text. ZSFG-TKN-INIT-DIR is an optional token that specifies the name of the initial OSS directory for the user. The string may be up to 256 characters long.
ADD USER Command Commands ZSFG-TKN-DESC-BIN is an optional token that specifies a binary description to be associated with the user authentication record. This token is provided for documentation purposes and has no effect on the record. The binary description field can be up to 2048 bytes long. The binary description field is structured so that it can be shared by multiple vendors. See Appendix B, Example of Sharing a Binary Description Field, for an example.
ADD USER Command Commands ZCOM-ERR-SPI-ERR is returned if one of the procedures (for example, SSGETTKN) returned an error. The SPI error list defines the procedure in error, the error status, and the token involved. ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token.
ADD USER Command Commands ZSFG-ERR-SUBJGROUPNAME is returned when the group name portion of ZCOM-TKN-OBJNAME conflicts with previously defined users of the same group number. ZSFG-ERR-MAX-ACL-EXCEEDED is returned when the number of DEFAULT-SECURITY tokens exceeds the maximum allowed in the Safeguard software for the current product version. The error list token ZSFG-TKN-MAX-ACES defines the currently supported maximum Access Control Entries (ACEs). ZSFG-ERR-MAX-OWN-EXCEEDED Note.
ALTER ALIAS Command Commands ZSFG-ERR-TEXTDATA-INVALID is returned if a text description was specified that contained nonprintable characters. The printable characters are: • • • • • Lowercase letters a through z Uppercase letters A through Z Digits 0 through 9 Special characters { } ! @ # $ % ^ & * ( ) - _ + = { } ~ ‘ : ; ? / > . < , . Space ALTER ALIAS Command The ALTER ALIAS command alters a user alias authentication record.
ALTER ALIAS Command Commands ZSFG-MAP-OWNER-LIST def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end. type ZSPI-TYP-MAP ZSFG-MAP-REMOVE-OWNERS def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end. type ZSPI-TYP-MAP ZSFG-TKN-PASSWORD ZSFG-TKN-PASSWORD64 ZSFG-TKN-DEFAULT-VOLSUBVOL ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
ALTER ALIAS Command Commands ZSFG-MAP-DEFAULT-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZNODENUM end. type ZSPI-TYP-MAP ZSFG-MAP-REMOVE-DF-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
ALTER ALIAS Command Commands Tokens in Response Buffer ZSPI-TKN-DATALIST ZSPI-TKN-RETCODE ZCOM-TKN-OBJTYPE ZCOM-TKN-OBJNAME ZSPI-TKN-ERRLIST ZSPI-TKN-ENDLIST ZSPI-TKN-ENDLIST token-type token-type token-type token-type token-type token-type token-type ZSPI-TYP-LIST ZSPI-TYP-ENUM ZSPI-TYP-ENUM ZSPI-TYP-STRING ZSPI-TYP-LIST ZSPI-TYP-SSCTL ZSPI-TYP-SSCTL Command-Specific Tokens in the Command Buffer See the token descriptions under the ADD ALIAS command.
ALTER ALIAS Command Commands ZSFG-TKN-RESET-BIN-DESC is an optional token that resets the binary description field associated with the alias record to a zero length and null value. The default is FALSE. ZSFG-MAP-REMOVE-OWNERS is an optional structured token that specifies owners to be removed from the secondary owner list. It contains these fields: ZTYPEID specifies the type of user ID defined by ZGROUPNUM and ZUSERNUM.
ALTER ALIAS Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the ALTER request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified alias ZCOM-TKN-OBJNAME does not exist.
ALTER ALIAS Command Commands ZCOM-ERR-TKN-DUP is returned if the same token is invalidly specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid. ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid length. ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid value.
ALTER ALIAS Command Commands ZSFG-ERR-MAX-OWN-EXCEEDED Note. The ZSFG-ERR-MAX-OWN-EXCEEDED command is supported only on systems running G06.27 and later G-series RVUs and H06.07 and later H-series RVUs. is returned if the number of ZSFG-MAP-OWNER-LIST tokens exceeds the maximum allowed by Safeguard. The error list token ZSFG-TKN-MAXOWNENTRIES defines the currently supported maximum owners in an OWNER-LIST. ZSFG-ERR-OWNER-LIST-INV-OWNER Note.
ALTER AUDIT POOL Command Commands ALTER AUDIT POOL Command The ALTER AUDIT POOL command alters the parameters that control disk space allocation in an existing audit pool.
ALTER AUDIT POOL Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the ALTER AUDIT POOL command: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the ALTER AUDIT POOL command.
ALTER EVENT-EXIT-PROCESS (PROC) Command Commands ALTER EVENT-EXIT-PROCESS (PROC) Command The ALTER EVENT-EXIT-PROCESS command alters a configuration record for an event-exit process.
ALTER EVENT-EXIT-PROCESS (PROC) Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), a warning, or an error. These errors can occur in response to the ADD EVENT-EXIT-PROCESS command: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to execute the ALTER EVENT-EXIT-PROCESS command.
ALTER EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-TKN-DUP is returned if the same token is specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid length.
ALTER GROUP Command Commands ALTER GROUP Command The ALTER GROUP command alters a group definition record.
ALTER GROUP Command Commands ZSFG-TKN-REMOVE-MEMBERNAME is an optional token that contains a user name or user alias to be removed from the group. Tokens in Response Buffer For a description of the tokens present in the response buffer for the ALTER GROUP command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ALTER GROUP Command Commands ZSFG-ERR-MEMBER-UPDATE is returned if an attempt to update the group list for one or more group members fails. This warning indicates that the command was only partially successful. ZSFG-ERR-NO-MEMBER-UPDATE is returned if an attempt to update the group list for the all group members fails. This warning indicates the command was only partially successful. ZSFG-ERR-GROUP-SECVIOL is returned if an internal error occurs while attempting to update a member's group list.
ALTER PROTECTIONRECORD Command Commands ALTER PROTECTIONRECORD Command The ALTER PROTECTIONRECORD command alters an object protection record.
ALTER PROTECTIONRECORD Command Commands 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end. ZSFG-MAP-REMOVE-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
ALTER PROTECTIONRECORD Command Commands ZSFG-VAL-TYPEID-NODESPECIFIC ZSFG-VAL-TYPEID-NODEGROUP ZSFG-VAL-TYPEID-NODEANYONE ZGROUPNUM specifies the group that identifies the ACL entry to be modified and possibly deleted. ZUSERNUM specifies the user that identifies the ACL entry to be modified and possibly deleted. ZREAD ZWRITE ZEXECUTE ZPURGE ZCREATE ZOWNER are booleans that specify the authorities to be deleted.
ALTER PROTECTIONRECORD Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ALTER PROTECTIONRECORD command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ALTER PROTECTIONRECORD Command Commands ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-TKN-DUP is returned if the same token is invalidly specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid length.
ALTER REMOTEPASSWORD Command Commands INFO, LISTOBJECTS, or ACTIVATE(THAW) command that contains a wildcard in the pattern-spec volume name. ZSFG-ERR-PAT-BAD-PATNAME is returned if the pattern-spec does not include at least one wildcard in either the subvolume or file name for a diskfile-pattern protection record command. ZSFG-ERR-TRUSTNONOBJ is returned if a TRUST operation is requested for a disk file that is not an object file.
ALTER REMOTEPASSWORD Command Commands Tokens in the Response Buffer See the token descriptions under the ADD REMOTEPASSWORD Command on page 7-43. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the ALTER REMOTEPASSWORD command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs.
ALTER REMOTEPASSWORD Command Commands ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-TKN-DUP is returned if the same token is invalidly specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-REQ is returned when the required token ZSFG-TKN-REMOTEPASSWORD is missing. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid.
ALTER SUBSYSTEM Command Commands ALTER SUBSYSTEM Command The ALTER SUBSYSTEM command alters the Safeguard configuration attributes.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-DIRECTION-DISKFILE ZSFG-TKN-COMBINATION-DISKFILE ZSFG-TKN-ACL-REQUIRED-DISKFILE ZSFG-TKN-CLEARONPURGE ZSFG-TKN-AUDIT-AUTHEN-PASS ZSFG-TKN-AUDIT-AUTHEN-FAIL ZSFG-TKN-AUDIT-USER-MAN-PASS ZSFG-TKN-AUDIT-USER-MAN-FAIL ZSFG-TKN-AUDIT-OBJECT-MAN-PASS ZSFG-TKN-AUDIT-OBJECT-MAN-FAIL ZSFG-TKN-AUDIT-OBJECT-ACC-PASS ZSFG-TKN-AUDIT-OBJECT-ACC-FAIL ZSFG-TKN-AUDIT-DEVICE-MAN-PASS ZSFG-TKN-AUDIT-DEVICE-MAN-FAIL ZSFG-TKN-AUDIT-DEVICE-ACC-PASS ZSFG-TKN-AUDIT-DEVICE-ACC-FAIL ZSFG-T
ALTER SUBSYSTEM Command Commands ZSFG-TKN-PSWD-REQ-UPCASE& ZSFG-TKN-PSWD-REQ-LOWCASE& ZSFG-TKN-PSWD-REQ-NUMERIC& ZSFG-TKN-PSWD-REQ-SPECIALCHAR& ZSFG-TKN-PSWD-SPACES-ALLOWED& ZSFG-TKN-PSWD-REQ-MIN-QUALITY& token-type token-type token-type token-type token-type token-type ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-BOOLEAN Tokens in Response Buffer ZSPI-TKN-DATALIST ZSPI-TKN-RETCODE ZCOM-TKN-OBJTYPE ZSPI-TKN-ERRLIST ZSPI-TKN-ENDLIST ZSPI-TKN-ENDLIST token-type ZSPI-TYP-LIST
ALTER SUBSYSTEM Command Commands ZSFG-VAL-UNITS-DAYS ZSFG-VAL-UNITS-WEEKS ZSFG-VAL-UNITS-MONTHS ZSFG-VAL-UNITS-YEARS ZSFG-TKN-PSWD-HISTORY is an optional token that specifies the number of previous passwords to retain in a password database organized by user ID. Any new passwords must be different from all the previous passwords. The default value is zero, indicating no password history. ZSFG-TKN-PSWD-MIN-LENGTH is an optional token that specifies the minimum character length of a new password.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-DIRECTION-DEVICE is an optional token that specifies the direction in which device and subdevice ACLs are consulted. This field must contain one of these values: ZSFG-VAL-DIRECTION-TOP-DOWN ZSFG-VAL-DIRECTION-BOTTOM-UP The default is ZSFG-VAL-DIRECTION-TOP-DOWN. ZSFG-TKN-COMBINATION-DEVICE is an optional token that specifies the method by which overlapping ACLs are resolved for access to devices and subdevices.
ALTER SUBSYSTEM Command Commands The default is ZSFG-VAL-COMBINATION-1ST-ACL. ZSFG-TKN-ACL-REQUIRED-PROCESS is an optional token that specifies whether the absence of an ACL for a process or subprocess precludes access. The default is FALSE. ZSFG-TKN-CHECK-VOLUME is an optional token that specifies whether the volume ACL is consulted to determine access to volumes, subvolumes and disk files. The default value is FALSE.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-AUDIT-AUTHEN-PASS is an optional token that specifies auditing for successful authentication attempts of all users. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL All successful attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only successful attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Not meaningful; remote authentication is not supported. ZSFG-VAL-AUDIT-NONE Successful attempts are not audited.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-AUDIT-USER-MAN-FAIL is an optional token that specifies auditing for unsuccessful authentication record accesses of all users. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL All unsuccessful management attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful management attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Only unsuccessful management attempts from a remote system are audited.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-AUDIT-OBJECT-ACC-PASS ZSFG-TKN-AUDIT-DEVICE-ACC-PASS ZSFG-TKN-AUDIT-PROC-ACC-PASS ZSFG-TKN-AUDIT-FILE-ACC-PASS are optional tokens that specify additional auditing for successful accesses of all system objects, devices, processes, and disk files, respectively. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL ZSFG-VAL-AUDIT-LOCAL ZSFG-VAL-AUDIT-REMOTE ZSFG-VAL-AUDIT-NONE The default is ZSFG-VAL-AUDIT-NONE.
ALTER SUBSYSTEM Command Commands • • • • Logon Logon failure Logoff Newprocess of the CI The default value for ZSFG-TKN-ASK-CMON is FALSE. ZSFG-TKN-CMON-TIMEOUT is an optional token that specifies the number of seconds the Safeguard software should wait when communicating with the $CMON process. The default value is 30 seconds. ZSFG-TKN-CMON-ERROR is an optional token that specifies which recovery action the Safeguard software should take when communication with the $CMON process is not possible.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-NEXTAUDITPOOL is an optional token that specifies the next audit pool that will be made current if the current audit pool becomes inaccessible for any reason. The audit pool specified by this token must exist and cannot be the current audit pool. A null value for this token sets the next audit pool to null.
ALTER SUBSYSTEM Command Commands The default value is ZSFG-VAL-FALLBACK-GUARDIAN. ZSFG-TKN-AUD-CLIENT-SERVICE is an optional token that specifies whether the audit records from guardian clients service is enabled. The default is TRUE, which indicates that the client audit service is enabled. ZSFG-TKN-ALLOW-DF-PERST is an optional token that specifies whether disk-file persistence is enabled. The default value is NORMAL, which indicates that disk-file persistence is disabled.
ALTER SUBSYSTEM Command Commands ZSFG-VAL-CHECK-PAT-LAST specifies that pattern searching will occur after the normal search if and only if the normal search result is NORECORD. ZSFG-VAL-CHECK-PAT-OFF specifies that no pattern searches will occur. ZSFG-VAL-CHECK-PAT-ONLY specifies that only pattern searching occurs. That is, normal non-pattern searching will not be performed even if the pattern search returns NORECORD.
ALTER SUBSYSTEM Command Commands 1ZSFG-TKN-PSWD-REQ-UPCASE 1 indicates whether a user’s password will be enforced to have at least one uppercase character. If PASSWORD-UPPERCASE-REQUIRED is set to ON, the user will be enforced to specify at least one upper case character in the password. If PASSWORD-UPPERCASE-REQUIRED is set to OFF, then the user will not be enforced to specify upper case character in the password. The initial value is OFF.
ALTER SUBSYSTEM Command Commands ZSFG^ERR^PSWD^SPACE^NEED^CMOFF 1ZSFG-TKN-PSWD-REQ-MIN-QUALITY indicates the minimum number of quality criteria that have to be met when a password is set or changed. The PASSWORD_MIN_QUALITY_REQUIRED attribute can have values from 0 through 5. When ZSFG-TNM-PSWD-REQ-MIN-QUALITY is 0, it is not required to satisfy any quality criteria even if all the Quality Attributes are ON.
ALTER SUBSYSTEM Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-TKN-DUP is returned if the same token is invalidly specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid.
ALTER TERMINAL (LU) Command Commands ALTER TERMINAL (LU) Command The ALTER TERMINAL (LU) command alters, or modifies, an LU (terminal) definition.
ALTER TERMINAL (LU) Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the ALTER TERMINAL command: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the ALTER TERMINAL command.
ALTER TERMINAL (LU) Command Commands ZCOM-ERR-TKN-DUP is returned if the same token is specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid length. ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid value.
ALTER USER Command Commands ALTER USER Command The ALTER USER command alters a user authentication record.
ALTER USER Command Commands ZSFG-MAP-REMOVE-OWNERS def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end. type ZSPI-TYP-MAP ZSFG-TKN-PASSWORD ZSFG-TKN-PASSWORD64 ZSFG-TKN-DEFAULT-VOLSUBVOL ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
ALTER USER Command Commands ZSFG-MAP-DEFAULT-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZNODENUM end. ZSFG-MAP-REMOVE-DF-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
ALTER USER Command Commands Tokens in Response Buffer ZSPI-TKN-DATALIST ZSPI-TKN-RETCODE ZCOM-TKN-OBJTYPE ZCOM-TKN-OBJNAME ZSPI-TKN-ERRLIST ZSPI-TKN-ENDLIST ZSPI-TKN-ENDLIST token-type token-type token-type token-type token-type token-type token-type ZSPI-TYP-LIST ZSPI-TYP-ENUM ZSPI-TYP-ENUM ZSPI-TYP-STRING ZSPI-TYP-LIST ZSPI-TYP-SSCTL ZSPI-TYP-SSCTL Command-Specific Tokens in the Command Buffer See the token descriptions under the ADD USER Command on page 7-50.
ALTER USER Command Commands ZSFG-TKN-RESET-BIN-DESC is an optional token that resets the binary description field for the user authentication record to a zero length and null value. The default is FALSE. ZSFG-MAP-REMOVE-OWNERS is an optional structured token that specifies owners to be removed from the secondary owner list. It contains these fields: ZTYPEID specifies the type of user ID defined by ZGROUPNUM and ZUSERNUM.
ALTER USER Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the ALTER request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified user ZCOM-TKN-OBJNAME is invalid.
ALTER USER Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens, or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-SMALLUSERIDFILE is returned when the USERID file's record size is too small to support defaultprotection. The USERID and USERIDAK files must be converted to a larger record size (900 bytes) to avoid this error.
ALTER USER Command Commands ZSFG-ERR-PRI-GROUP-NOTFOUND is returned if an internal error occurs while attempting to update the primary group for the user. is returned if an invalid selection expression is specified. ZSFG-ERR-PSWD-QUAL-REJECT is returned when the event-exit process rejects the specified password. ZSFG-ERR-PSWD-QUAL-DENIED is returned when the event-exit process cannot rule on the specified password.
DELETE ALIAS Command Commands DELETE ALIAS Command The DELETE ALIAS command deletes a user alias authentication record. Command ZCOM-CMD-DELETE Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
DELETE ALIAS Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the DELETE ALIAS command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
DELETE AUDIT POOL Command Commands DELETE AUDIT POOL Command The DELETE AUDIT POOL command removes an audit pool definition. All audit files of the audit pool must be empty (released) in order for this command to be successful.
DELETE AUDIT POOL Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request. Normally, this error should not occur, and it should be transient if it does occur.
DELETE EVENT-EXIT-PROCESS (PROC) Command Commands DELETE EVENT-EXIT-PROCESS (PROC) Command The DELETE EVENT-EXIT-PROCESS (PROC) command deletes a Safeguard terminal definition.
DELETE EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request. Normally, this error should not occur, and it should be transient if it does occur.
DELETE PROTECTIONRECORD Command Commands DELETE PROTECTIONRECORD Command The DELETE PROTECTIONRECORD command deletes a Safeguard object protection record.
DELETE PROTECTIONRECORD Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs while accessing the $volume.SAFE.GUARD file, accessing the $SYSTEM.SAFE.OTHER file, accessing the file being protected, or updating the audit file. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request.
DELETE GROUP Command Commands ZSFG-ERR-PAT-BAD-PATNAME is returned if the pattern-spec does not include at least one wildcard in either the subvolume or file name for a diskfile-pattern protection record command. DELETE GROUP Command The DELETE GROUP command deletes a Safeguard group definition record.
DELETE GROUP Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the DELETE GROUP command: ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified group name ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified group name ZCOM-TKN-OBJNAME is not valid.
DELETE REMOTEPASSWORD Command Commands DELETE REMOTEPASSWORD Command The DELETE REMOTEPASSWORD command deletes a user’s remote password.
DELETE REMOTEPASSWORD Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified user name ZCOM-TKN-OBJNAME is not valid.
DELETE TERMINAL (LU) Command Commands DELETE TERMINAL (LU) Command The DELETE TERMINAL (LU) command deletes a Safeguard terminal definition.
DELETE TERMINAL (LU) Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request. Normally, this error should not occur, and it should be transient if it does occur.
DELETE USER Command Commands DELETE USER Command The DELETE USER command deletes a Safeguard user authentication record. Command ZCOM-CMD-DELETE Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
DELETE USER Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the DELETE USER command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
GETVERSION Command Commands ZCOM-ERR-ORPHANEDALIAS is returned if the specified user has aliases associated with it. GETVERSION Command The GETVERSION command returns version information for the Safeguard subsystem.
GETVERSION Command Commands ZCMK-TKN-PKG-BANNER is a type CHAR50 token whose content is the server ID banner of the common kernel (CMK) consisting of the CMK product name, CMK product number, and CMK release date. Operational Notes No summary state transition is associated with the GETVERSION command. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is either a number identifying successful completion (ZCOM-ERR-OK) or an error.
INFO ALIAS Command Commands INFO ALIAS Command The INFO ALIAS command retrieves the attribute values currently stored in an alias authentication record. Command ZCOM-CMD-INFO Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
INFO ALIAS Command Commands ZSFG-MAP-USERID def ZSFG-DDL-USERID 02 ZGROUPNUM 02 ZUSERNUM end. type ZSPI-TYP-MAP ZSFG-MAP-OWNERID def ZSFG-DDL-OWNERID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM end. type ZSPI-TYP-MAP ZSFG-MAP-OWNER-LIST def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end. type ZSPI-TYP-MAP ZSFG-TKN-DEFAULT-VOLSUBVOL token-type ZSPI-TYP-STRING ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
INFO ALIAS Command Commands ZSFG-TKN-DF-AUDIT-ACCESS-PASS ZSFG-TKN-DF-AUDIT-ACCESS-FAIL ZSFG-TKN-DF-AUDIT-MANAGE-PASS ZSFG-TKN-DF-AUDIT-MANAGE-FAIL token-type token-type token-type token-type ZSFG-MAP-DEFAULT-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
INFO ALIAS Command Commands ZSFG-TKN-LASTLOGON contains a timestamp of the last time the alias logged on to the system. ZSFG-TKN-STATICFAILLOGON contains a count of the total number of logon failures since the creation of the alias. ZSFG-TKN-PSWD-MAY-CHANGE-DATE contains a timestamp of the date on which the alias is allowed to change the password. The value for this token is derived from the ZSFG-TKN-PSWD-MAYCHANGE token associated with the Safeguard object.
INFO ALIAS Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the INFO request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified alias ZCOM-TKN-OBJNAME does not exist.
INFO AUDIT POOL Command Commands INFO AUDIT POOL Command The INFO AUDIT POOL command returns the current values of disk space allocation control parameters in the specified audit pool.
INFO AUDIT POOL Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the INFO AUDIT POOL command: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the INFO AUDIT POOL command.
INFO EVENT-EXIT-PROCESS (PROC) Command Commands INFO EVENT-EXIT-PROCESS (PROC) Command The INFO EVENT-EXIT-PROCESS (PROC) command retrieves the attribute values currently stored in an event-exit configuration record.
INFO EVENT-EXIT-PROCESS (PROC) Command Commands Tokens in Response Buffer See the token descriptions in the ADD EVENT-EXIT-PROCESS (PROC) Command on page 7-27. ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether there are more reply messages to come. This token is only returned when the request contained a wild card name and the responses generated do not fit in one buffer. This token is described in the SPI Programming Manual.
INFO EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens.
INFO GROUP Command Commands INFO GROUP Command The INFO GROUP command retrieves the attribute values currently stored in a Safeguard group definition record. INFO GROUP does not return a list of group members. To determine a list of group members, use the INFO ALIAS and INFO USER commands with group selection expressions.
INFO GROUP Command Commands Command-Specific Tokens in the Command Buffer See the token descriptions in the ADD GROUP section. Additional token descriptions follow: ZCOM-TKN-OBJNAME is a required token that specifies the group or groups whose attributes are to be displayed. If the object name begins with a pound sign (#), the remainder of the string is assumed to be a group number expressed as a decimal ASCII string.
INFO GROUP Command Commands ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to execute the INFO GROUP command. For the rules about who can manage the audit service, see the Safeguard Reference Manual.
INFO PROTECTIONRECORD Command Commands INFO PROTECTIONRECORD Command The INFO PROTECTIONRECORD command retrieves the attribute values currently stored in a Safeguard object protection record.
INFO PROTECTIONRECORD Command Commands ZSFG-MAP-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end. type ZSPI-TYP-MAP ZSFG-TKN-LAST-MODIFIED ZSFG-TKN-WARNINGMODE token-type ZSPI-TYP-TIMESTAMP token-type ZSPI-TYP-BOOLEAN ZSFG-TKN-PAT-CREATOR-NAME ZSFG-TKN-PAT-CREATOR-ISALIAS ZSFG-TKN-PAT-CREATOR-ID def ZSFG-TKN-PAT-CREATOR-ID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end.
INFO PROTECTIONRECORD Command Commands Tokens in Response Buffer See the token descriptions in the ADD PROTECTIONRECORD section. Additional tokens follow: ZSFG-TKN-LAST-MODIFIED contains a timestamp of the last time the protection record was modified. ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come. This token is returned when the request contained a wild-card name and the responses generated do not fit in one buffer.
INFO PROTECTIONRECORD Command Commands ZSFG-TKN-PAT-LASTMOD-ISALIAS indicates if this protection record was last modified by an alias. If true, the lastmod ID is the userid of the underlying user associated with the alias, and the lastmodname is the name of the alias. This token applies only to diskfile-pattern protection records. ZSFG-TKN-PAT-LASTMOD-ID identifies the user number that last modified the protection record.
INFO PROTECTIONRECORD Command Commands ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the INFO PROTECTIONRECORD command. For the rules for who can manage object security, see the Safeguard Reference Manual. ZCOM-ERR-SPI-ERR is returned if one of the procedures (for example, SSGETTKN) returned an error. The SPI error list defines the procedure in error, the error status, and the token involved.
INFO REMOTEPASSWORD Command Commands INFO REMOTEPASSWORD Command The INFO REMOTEPASSWORD retrieves the remote password of a specified user.
INFO REMOTEPASSWORD Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. Errors or warnings that can occur in response to the INFO REMOTEPASSWORD command follow: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
INFO REMOTEPASSWORD Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-SYS-NOT-FOUND is returned if the system identified by the ZCOM-TKN-OBJNAME does not exist.
INFO SUBSYSTEM Command Commands INFO SUBSYSTEM Command The INFO SUBSYSTEM command retrieves the current Safeguard configuration attributes.
Commands INFO SUBSYSTEM Command ZSFG-TKN-CHECK-SUBPROCESS token-type ZSPI-TYP-BOOLEAN ZSFG-TKN-DIRECTION-PROCESS token-type ZSPI-TYP-ENUM ZSFG-TKN-COMBINATION-PROCESS token-type ZSPI-TYP-ENUM ZSFG-TKN-ACL-REQUIRED-PROCESS token-type ZSPI-TYP-BOOLEAN ZSFG-TKN-CHECK-VOLUME token-type ZSPI-TYP-BOOLEAN ZSFG-TKN-CHECK-SUBVOL token-type ZSPI-TYP-BOOLEAN ZSFG-TKN-CHECK-FILENAME token-type ZSPI-TYP-BOOLEAN ZSFG-TKN-DIRECTION-DISKFILE token-type ZSPI-TYP-ENUM ZSFG-TKN-COMBINATION-DISKFILE token-type ZSPI-TYP-ENUM
INFO SUBSYSTEM Command Commands ZSFG-TKN-WARN-SYSTEM-LEVEL ZSFG-TKN-WARN-FALLBACK ZSFG-TKN-AUD-CLIENT-SERVICE ZSFG-TKN-ALLOW-DF-PERST ZSFG-TKN-WARN-OBJECT-LEVEL ZSFG-TKN-AUD-CLIENT-OSS* ZSFG-TKN-PSWD-ALGTHM* ZSFG-TKN-PSWD-MAX-LENGTH# ZSFG-TKN-PSWD-COMP-MODE# ZSFG-TKN-PSWD-REQ-UPCASE& ZSFG-TKN-PSWD-REQ-LOWCASE& ZSFG-TKN-PSWD-REQ-NUMERIC& ZSFG-TKN-PSWD-REQ-SPECIALCHAR& ZSFG-TKN-PSWD-SPACES-ALLOWED& ZSFG-TKN-PSWD-REQ-MIN-QUALITY& ZSPI-TKN-ERRLIST ZSPI-TKN-ENDLIST ZSPI-TKN-ENDLIST token-type ZSPI-TYP-BOOLEAN
INFO SUBSYSTEM Command Commands ZSFG-VAL-AUDITSTATE-SUSPENDED indicates that auditing is not active because the next pool is not defined and the current pool is full. ZSFG-VAL-AUDITSTATE-DENYGRANTS indicates that auditing is effectively not active because the next pool is not defined and the current audit pool is full. Authorization and authentication requests that require auditing will be denied.
INFO SUBSYSTEM Command Commands ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to do the INFO SUBSYSTEM command. For the rules for who may manage the Safeguard configuration, see the Safeguard Reference Manual. ZCOM-ERR-SPI-ERR is returned if one of the procedures (for example, SSGETTKN) returned an error. The SPI error list defines the procedure in error, the error status, and the token involved.
INFO TERMINAL (LU) Command Commands INFO TERMINAL (LU) Command The INFO TERMINAL (LU) command retrieves the attribute values currently stored in a terminal definition record.
INFO TERMINAL (LU) Command Commands contained a wild-card name and the responses generated do not fit in one buffer. For a description of this token, see the SPI Programming Manual. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
INFO TERMINAL (LU) Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version.
INFO USER Command Commands INFO USER Command The INFO USER command retrieves the attribute values currently stored in a user authentication record. Command ZCOM-CMD-INFO Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
INFO USER Command Commands ZSFG-TKN-USERNAME token-type ZSPI-TYP-STRING ZSFG-MAP-USERID def ZSFG-DDL-USERID 02 ZGROUPNUM 02 ZUSERNUM end. type ZSPI-TYP-MAP ZSFG-MAP-OWNERID def ZSFG-DDL-OWNERID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM end. type ZSPI-TYP-MAP ZSFG-MAP-OWNER-LIST def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end.
INFO USER Command Commands ZSFG-TKN-DF-AUDIT-ACCESS-PASS ZSFG-TKN-DF-AUDIT-ACCESS-FAIL ZSFG-TKN-DF-AUDIT-MANAGE-PASS ZSFG-TKN-DF-AUDIT-MANAGE-FAIL token-type token-type token-type token-type ZSFG-MAP-DEFAULT-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
INFO USER Command Commands ZSFG-TKN-LASTLOGON contains a timestamp of the last time the user logged on to the system. ZSFG-TKN-STATICFAILLOGON contains a count of the total number of logon failures since the creation of the user. ZSFG-TKN-PSWD-MAY-CHANGE-DATE contains a timestamp of the date on which the user is allowed to change the password. The value for this token is derived from the ZSFG-TKN-PSWD-MAYCHANGE token associated with the Safeguard object.
INFO USER Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the INFO request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist.
LISTOBJECTS Command Commands LISTOBJECTS Command For all objects other than NULL, the LISTOBJECTS command lists all the object names of the specified type defined in the Safeguard software. For NULL, the command returns all object names of all types defined to the Safeguard software. If ZCOM-TKN-OBJNAME is supplied in the command buffer, LISTOBJECTS returns only objects with names matching the specified name pattern.
LISTOBJECTS Command Commands Tokens in the Response Buffer ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come. This token is only returned when the request generated more responses than fit in one buffer. For a description of this token, see the SPI Programming Manual.
LISTOBJECTS ALIAS Command Commands LISTOBJECTS ALIAS Command The LISTOBJECTS ALIAS command lists all the aliases defined to the Safeguard software. Command ZCOM-CMD-LISTOBJECTS Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
LISTOBJECTS ALIAS Command Commands Tokens in the Response Buffer For a description of the tokens present in the response buffer for the LISTOBJECTS ALIAS command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
LISTOBJECTS USER Command Commands LISTOBJECTS USER Command The LISTOBJECTS USER command lists all the users defined to the Safeguard software. Command ZCOM-CMD-LISTOBJECTS Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
LISTOBJECTS USER Command Commands Tokens in the Response Buffer For a description of the tokens present in the response buffer for the LISTOBJECTS USER command, see Section 6, Common Definitions. ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come. This token is only returned when the request generates more responses than fit in one buffer. For a description of this token, see the SPI Programming Manual.
LISTOPENS Command Commands LISTOPENS Command The LISTOPENS command lists all the openers of $ZSMP.
LISTOPENS Command Commands Tokens in the Response Buffer ZCMK-MAP-LISTOP is an optional structured token that records each opening of the Security Manager Process ($ZSMP). ZCMK-MAP-LISTOP contains these fields: ZNODE specifies the node number of the node in which the process resides. ZBKUP-CPU specifies the number of the CPU in which the backup process resides. This field is relevant only if ZBKUP-PIN is nonzero. ZBKUP-PIN specifies the process ID number of the backup process.
LISTOPENS Command Commands ZCMK-TKN-LISTOP-XPNAM records the process name of the opener in external format. ZCMK-TKN-LISTOP-QUALIFS records the qualifiers used when the process was opened. For ZPROTO = ZSFGVAL-PROTO-SMP-BUF, the token value is a null string. For ZPROTO = ZSFGVAL-PROTO-SPI the token value is #ZSPI. ZCMK-MAP-LISTOP ZCMK-TKN-LISTOP-XPNAME ZCMK-TKN-LISTOP-QUALIF together describe an opener of $ZSMP.
NEXTFILE (SWITCH) Command Commands NEXTFILE (SWITCH) Command The NEXTFILE (SWITCH) command closes the current active audit file and opens the next audit file in sequence.
NEXTFILE (SWITCH) Command Commands Operational Notes ZCOM-TKN-OBJNAME is optional for the NEXTFILE command. If present, this token must have the value of the current audit pool. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
RELEASE AUDIT FILE Command Commands RELEASE AUDIT FILE Command The RELEASE AUDIT FILE command marks the specified audit files in the currently active audit pool as reusable.
RELEASE AUDIT FILE Command Commands Errors or warnings that can occur in response to the RELEASE AUDIT FILE command follow: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the RELEASE AUDIT FILE command. For the rules about who may manage the audit service, see the Safeguard Reference Manual.
START TERMINAL (LU) Command Commands START TERMINAL (LU) Command The START TERMINAL (LU) command initiates the logon dialog with a Safeguard terminal.
START TERMINAL (LU) Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the START request. Normally, this error should not occur, and it should be transient if it does occur.
STATUS ALIAS Command Commands STATUS ALIAS Command The STATUS ALIAS command retrieves the status (frozen or thawed) of a specified user alias. Command ZCOM-CMD-STATUS Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
STATUS ALIAS Command Commands • • ZCOM-VAL-SUMSTATE-SUSP (alias is frozen) ZCOM-VAL-SUMSTATE-UNKWN (returned when an error occurs) ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages. This token is returned only when the request contains a wild-card name and the responses generated will not fit in one buffer. For a description of this token, see the SPI Programming Manual.
STATUS PROTECTIONRECORD Command Commands token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. STATUS PROTECTIONRECORD Command The STATUS PROTECTIONRECORD command retrieves the current status (frozen or thawed) of a specified protection record.
STATUS PROTECTIONRECORD Command Commands ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come. This token is returned only when the request contained a wild card name and the responses generated do not fit in one buffer. For a description of this token, see the SPI Programming Manual.
STATUS SUBSYSTEM Command Commands ZSFG-ERR-PAT-MISSING-ALL is returned if the ZCOM-TKN-SUB token value is not ZCOM-VAL-SUB-ALL for a diskfile-pattern protection record ALTER, DELETE, SUSPEND(FREEZE), INFO, LISTOBJECTS, or ACTIVATE(THAW) command that contains a wildcard in the pattern-spec volume name. ZSFG-ERR-PAT-BAD-PATNAME is returned if the pattern-spec does not include at least one wildcard in either the subvolume or file name for a diskfile-pattern protection record command.
STATUS SUBSYSTEM Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. Errors or warnings that can occur in response to the STATUS SUBSYSTEM command follow: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
STATUS USER Command Commands STATUS USER Command The STATUS USER command retrieves the status (frozen or thawed) of a specified user. Command ZCOM-CMD-STATUS Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
STATUS USER Command Commands • • ZCOM-VAL-SUMSTATE-SUSP (user is frozen) ZCOM-VAL-SUMSTATE-UNKWN (returned when an error occurs) ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages. This token is returned only when the request contains a wild-card name and the responses generated will not fit in one buffer. For a description of this token, see the SPI Programming Manual.
STOP Command Commands token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. STOP Command The STOP command stops the Safeguard subsystem.
STOP Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the STOP request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the STOP SUBSYSTEM command. For the rules about who may manage the Safeguard configuration, see the Safeguard Reference Manual.
SUSPEND ALIAS Command Commands SUSPEND ALIAS Command The SUSPEND ALIAS command suspends (freezes) a user alias authentication record. Command ZCOM-CMD-SUSPEND Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
SUSPEND ALIAS Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the SUSPEND request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified alias ZCOM-TKN-OBJNAME does not exist.
SUSPEND PROTECTIONRECORD Command Commands SUSPEND PROTECTIONRECORD Command The SUSPEND PROTECTIONRECORD command suspends (freezes) an object protection record.
SUSPEND PROTECTIONRECORD Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the SUSPEND request. Normally, this error should not occur and should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified protection record ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified protection record ZCOM-TKN-OBJNAME is invalid.
SUSPEND TERMINAL (LU) Command Commands SUSPEND TERMINAL (LU) Command The SUSPEND TERMINAL (LU) command freezes a terminal definition record so that logon dialog at the terminal becomes disabled.
SUSPEND TERMINAL (LU) Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens, or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the SUSPEND TERMINAL command.
SUSPEND USER Command Commands SUSPEND USER Command The SUSPEND USER command suspends (freezes) a user authentication record. Command ZCOM-CMD-SUSPEND Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
SUSPEND USER Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the SUSPEND request. Normally, this error should not occur and should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist.
8 Event Management This section describes the information that the Safeguard subsystem provides the Event Management Service (EMS) by sending event messages about subsystem events. EMS is part of the Distributed Systems Management (DSM) system. EMS collects, logs, and distributes event messages that contain information to help you monitor the network environment, analyze failures, and recognize and solve critical problems.
Event-Message Filters Event Management • • • • Events related to the operation of a process, such as when it is started, when it is terminated, or when its backup takes over Events that report errors in creating, opening or accessing a file or process Events that report changes to the Safeguard configuration attributes Events that report the details of audit file switches and audit state changes as well as impending critical audit states Event-Message Filters EMS provides the capability of creating prog
Elements of Event Messages for Safeguard Subsystems Event Management -- Send the message on to the application. ELSE FAIL ELSE FAIL ELSE FAIL; END; -- This message concerns some other object. -- This is not a critical event message. -- This is not a SAFEGUARD event message -- of critical^SAFEGUARD/SAFEGUARD^messages. Elements of Event Messages for Safeguard Subsystems Safeguard event messages are made up of special codes called tokens.
Event Numbers Event Management defined by HP, do not begin any names defined in your application with uppercase or lowercase Z. Event Numbers In the Safeguard subsystem, event numbers are represented by symbolic names of the form ZSFG-EVT-name, where name identifies the event. Each event message is assigned a different number. The Safeguard subsystem uses some shared code that is named the common kernel.
Constructs Involving Multiple Tokens Event Management Field Types Field types used by the Safeguard subsystem are SPI standard field types and are represented by symbolic names of the form ZSPI-DDL-name, where name identifies the specific field type. Constructs Involving Multiple Tokens The Safeguard subsystem supports error lists as described in the SPI Programming Manual.
Event-Message Buffers Event Management For example, an application written in COBOL needs these definition files: ZSPIDEF.ZSPICOB SPI definitions ZSPIDEF.ZEMSCOB EMS definitions ZSPIDEF.ZGRDCOB Guardian definitions ZSPIDEF.ZFILCOB File-system definitions ZSPIDEF.ZCOMCOB Data communications definitions ZSPIDEF.ZCMKCOB Common kernel definitions ZSPIDEF.
SPI Standard Definitions in Safeguard Event Messages Event Management Table 8-1. Tokens That Appear in All Event Messages (page 2 of 2) Header Tokens Token Type ZEMS-TKN-PIN ZSPI-TYP-UINT ZEMS-TKN-SYSTEM ZSPI-TYP-UINT ZEMS-TKN-USERID ZSPI-TYP-BYTE-PAIR Data Portion Token Token Type ZEMS-TKN-SUBJECT-MARK ZSPI-TYP-MARK SPI Standard Definitions in Safeguard Event Messages Definitions whose names begin with ZSPI- are SPI standard definitions.
EMS Standard Definitions in Safeguard Event Messages Event Management ZSPI-TKN-SSID contains ZSFG-VAL-SSID, the subsystem ID of the Safeguard subsystem. ZSFGVAL-SSID has this structure: def ZSFG-VAL-SSID TACL SSID. 02 Z-FILLER 02 Z-OWNER 02 Z-NUMBER 02 Z-VERSION type character 8 value is ZSPI-VAL-TANDEM. redefines Z-FILLER type ZSPI-DDL-CHAR8. type ZSPI-DDL-INT value is ZSPI-SSN-ZSFG. type ZSPI-DDL-UINT value is ZSFG-VAL-VERSION. end.
Safeguard Definitions Event Management ZEMS-TKN-CPU contains the CPU number in which the reporting subsystem process is running. ZEMS-TKN-CRTPID contains the CRTPID in which the reporting subsystem process is running. This value is assigned to the name of the process that is generating the event. ZEMS-TKN-GENTIME contains the time when the event occurred. ZEMS-TKN-LOGTIME contains the time when the event was logged. ZEMS-TKN-PIN contains the PIN of the reporting subsystem process.
Safeguard Definitions Event Management Table 8-4. ZSFG Standard Definitions (page 2 of 2) Token Name Token Type ZSFG-TKN-SAFEGUARD-VERSION ZSPI-TYP-STRING ZSFG-TKN-SEEPRPLYINV ZSPI-TYP-ENUM ZSFG-TKN-USERNAME ZSPI-TYP-STRING ZSFG-TKN-AUDITSTATE contains the enumeration identifying the current audit state. ZSFG-TKN-CHANGED-TNM contains the token number identifying a token whose value has been altered. ZSFG-TKN-CURRENTAUDITFILE contains the name of the current audit file in external form.
Safeguard Event Messages Event Management ZSFG-TKN-USERNAME contains the name of the user performing the event. Safeguard Event Messages lists all the event messages that each Safeguard processes described can report. Table 8-5. Safeguard Event Messages (page 1 of 2) Number Symbolic Name (ZSFG-EVT-) Description 1 BAD-TOS-VERSION Safeguard and operating system versions do not match. 2 CREATED-SFG-FILE A Safeguard $vol.SAFE.GUARD file was created, allocated, and secured.
Event-Message Descriptions Event Management Table 8-5. Safeguard Event Messages (page 2 of 2) Number Symbolic Name (ZSFG-EVT-) Description 19 SMON-LOST-SMP A Safeguard monitor process could not communicate with the Safeguard manager process ($ZSMP). 20 CMON-MISSING The $CMON process was not found. 21 VIRT-OBJFILE-DOWN A file-system error occurred during an attempt to access a Safeguard file on a virtual disk. 22 FILE-LOCKED A lock was found on a Safeguard file while processing a request.
Event Management Event-Message Descriptions The notation used for simple tokens is a shorthand version of the essential information given in the DDL TOKEN-CODE statement. With the exception of the ZEMS-TKN-SUBJECT-MARK token and the subject token listed immediately after it, the order of the tokens shown is not necessarily the order in which they appear in an event message. The ZEMS-TKN-SUBJECT-MARK token always immediately precedes the subject token of an event message.
ZSFG-EVT-BAD-TOS-VERSION Event Management ZSFG-EVT-BAD-TOS-VERSION The operating system and Safeguard versions do not match. This event is critical.
ZSFG-EVT-BAD-TOS-VERSION Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-TRUE, indicating that this event is considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CREATED-SFG-FILE Event Management ZSFG-EVT-CREATED-SFG-FILE A Safeguard file was created, allocated, and secured.
ZSFG-EVT-CREATED-SFG-FILE Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZCMK-TKN-XFNAME contains the name of the file that the Safeguard subsystem created.
ZSFG-EVT-NEWPROCESS Event Management ZSFG-EVT-NEWPROCESS A Safeguard subsystem process (for example, SMON) was started normally. This event is noncritical.
ZSFG-EVT-NEWPROCESS Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZCMP-TKN-XPNAME contains the name of the process that the Safeguard subsystem started.
ZSFG-EVT-STOPPED-PROCESS Event Management ZSFG-EVT-STOPPED-PROCESS A Safeguard subsystem process was stopped normally.
ZSFG-EVT-STOPPED-PROCESS Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CONFIG-CHANGED Event Management ZSFG-EVT-CONFIG-CHANGED A Safeguard configuration attribute has been altered.
ZSFG-EVT-CONFIG-CHANGED Event Management ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP).
ZSFG-EVT-AUDITFILESWITCH Event Management ZCMK-TKN-XFNAME contains the name of the home terminal of the user who made the configuration change. This value corresponds to the value <6> in the text message. Subsystem Action Informational only. Recommended Action None. ZSFG-EVT-AUDITFILESWITCH An audit file rollover occurred. The current audit file was closed, and a new audit file was opened. This event is noncritical.
ZSFG-EVT-AUDITFILESWITCH Event Management ZEMS-TKN-EVENTNUMBER is the event number. Its value is ZSFG-EVT-AUDITFILESWITCH. ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message.
ZSFG-EVT-AUDITSTATES Event Management Recommended Action Depending on the security policy of the site, the file identified by ZSFG-TKNPREVIOUSAUDITFILE is available for backup and then release back to the audit pool. ZSFG-EVT-AUDITSTATES An audit state change occurred as the result of operator action, an audit pool full condition, or a system failure. This event is noncritical.
ZSFG-EVT-AUDITSTATES Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is considered noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-AUDITSTATES Event Management ZSFG-VAL-AUDITSTATE-SUSPENDED indicates that auditing is not active because the Next Pool is not defined and the current pool is full. ZSFG-VAL-AUDITSTATE-DENYGRANTS indicates that auditing is effectively not active because the Next Pool is not defined and the current audit pool is full. Authorization and authentication requests that require auditing will be denied.
ZSFG-EVT-PENDINGAUDITSTATE Event Management ZSFG-EVT-PENDINGAUDITSTATE An audit state change is imminent unless operator action is taken. This event is noncritical.
ZSFG-EVT-PENDINGAUDITSTATE Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-PENDINGAUDITSTATE Event Management ZSFG-VAL-AUDITSTATE-NEXTPOOL0 indicates that auditing is active but the Next Pool is not defined. ZSFG-VAL-AUDITSTATE-RECYCLING indicates that auditing is active; the Next Pool is not defined; and because the audit pool is full, audit files are being recycled on an as-needed basis. ZSFG-VAL-AUDITSTATE-SUSPENDED indicates that auditing is not active because the Next Pool is not defined and the current pool is full.
ZSFG-EVT-CRITICALAUDITSTATE Event Management ZSFG-EVT-CRITICALAUDITSTATE An audit state change is imminent. It will result in: recycling audit files, suspending audit, or denying grants. This event is noncritical.
ZSFG-EVT-CRITICALAUDITSTATE Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-CRITICALAUDITSTATE Event Management ZSFG-TKN-PENDINGAUDITSTATE and ZSFG-TKN-AUDITSTATE contain one of these values: ZSFG-VAL-AUDITSTATE-NEXTPOOL0 indicates that auditing is active but the Next Pool is not defined. ZSFG-VAL-AUDITSTATE-RECYCLING indicates that auditing is active; the Next Pool is not defined; and because the audit pool is full, audit files are being recycled on an as need basis.
ZSFG-EVT-FILERELEASED Event Management ZSFG-EVT-FILERELEASED An audit file was released (purged and re-created) because of a RELEASE command. This event is noncritical.
ZSFG-EVT-FILERELEASED Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-FILERECYCLED Event Management ZSFG-EVT-FILERECYCLED An audit file was recycled in order to satisfy an audit rollover. This event is noncritical.
ZSFG-EVT-FILERECYCLED Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZSFG-TKN-PREVIOUSAUDITFILE contains the external name of the audit file that was recycled.
ZSFG-EVT-BAD-SMON-NAME Event Management ZSFG-EVT-BAD-SMON-NAME An SMON was started with a process name other than $ZSnn (where nn is the CPU number). This event is critical.
ZSFG-EVT-BAD-SMON-NAME Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-TRUE, indicating that this event is critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. Subsystem Action OSMON is not started. The process is not run. Recommended Action Use the correct process name.
ZSFG-EVT-UNUSABLE-SFG-FILE Event Management ZSFG-EVT-UNUSABLE-SFG-FILE A Safeguard file with an unexpected attribute (file type or file code) has been found. This event is critical.
ZSFG-EVT-UNUSABLE-SFG-FILE Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-TRUE, indicating that this event is critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZCMK-TKN-XFNAME is the name of the Safeguard file in error.
ZSFG-EVT-PROC-FAILURE Event Management Recommended Action Rename or purge the file in error, and restart the Safeguard software. ZSFG-EVT-PROC-FAILURE The event-exit process terminated abnormally. This event is noncritical.
ZSFG-EVT-PROC-FAILURE Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-PROC-CHANGED Event Management ZSFG-EVT-PROC-CHANGED An event-exit process configuration token was changed. This event is noncritical.
ZSFG-EVT-PROC-CHANGED Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-PROC-KILL Event Management ZCMK-TKN-XFNAME contains the name of the home terminal of the user who made the configuration change. This value corresponds to the value <7> in the text message. Subsystem Action This message is informational only. Recommended Action None. ZSFG-EVT-PROC-KILL The Safeguard SMP detected a running process with the same process name as an enabled event-exit process. The SMP is attempting to kill the process. This event is noncritical.
ZSFG-EVT-PROC-KILL Event Management ZEMS-TKN-EVENTNUMBER is the event number. Its value is ZSFG-EVT-PROC-KILL. ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP).
ZSFG-EVT-EXIT-REPLY-ERROR Event Management ZSFG-EVT-EXIT-REPLY-ERROR The event-exit process returned an error in the message header. This error indicates that the event-exit process had a problem with the request. This event is noncritical.
ZSFG-EVT-EXIT-REPLY-ERROR Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-EXIT-REPLY-INV Event Management ZSFG-EVT-EXIT-REPLY-INV The event-exit process returned an invalid message reply. The message header or reply data was invalid. This event is noncritical.
ZSFG-EVT-EXIT-REPLY-INV Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-EXIT-REPLY-INV Event Management ZSFG-VAL-SEEPRPLYINV-CHLLNGOB indicates the challenge was too long (out of bounds). ZSFG-VAL-SEEPRPLYINV-PWDRSPOB indicates the password response error message was too long. ZSFG-VAL-SEEPRPLYINV-VERSION indicates the event-exit process was not capable of understanding this message version. ZSFG-VAL-SEEPRPLYINV-PWDRTNOB indicates the password returned was too long (out of bounds). ZSFG-VAL-SEEPRPLYINV-PWDRTNEB indicates the password returned had embedded blanks.
ZSFG-EVT-SMON-LOST-SMP Event Management ZSFG-EVT-SMON-LOST-SMP A Safeguard monitor process cannot determine the next audit file to use because the $ZSMP process is not responding to the request. This event is noncritical.
ZSFG-EVT-SMON-LOST-SMP Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CMON-MISSING Event Management ZSFG-EVT-CMON-MISSING The $ZSMP process attempted to communicate with the $CMON process because the Safeguard configuration setting instructed it to do so. But a process named $CMON could not be found. This event is noncritical.
ZSFG-EVT-CMON-MISSING Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. Subsystem Action The Safeguard subsystem recovers from this communication failure based on its configuration setting for CMONERROR.
ZSFG-EVT-VIRT-OBJFILE-DOWN Event Management ZSFG-EVT-VIRT-OBJFILE-DOWN A file-system error was returned on an attempt to access a Safeguard system file on a virtual disk. This event is noncritical.
ZSFG-EVT-VIRT-OBJFILE-DOWN Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard monitor process ($ZSnn, where nn is the CPU number). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-FILE-LOCKED Event Management Messages” in the Operator Messages Manual.) The error might be on the physical disk indicated by ZFIL-TKN-XFILENAME in this message. ZSFG-EVT-FILE-LOCKED A lock ws detected when the Safeguard monitor process attempted to access the Safeguard system file USERID or LUSERID, or either of these file’s records. The lock can be placed by either the Safeguard manager process or some other process.
ZSFG-EVT-FILE-LOCKED Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-SEGALLOC-ERR Event Management Subsystem Action The Safeguard monitor process reads through the lock and prints an EMS message. Recommended Action None. ZSFG-EVT-SEGALLOC-ERR The pattern cache encountered a segment allocation error.
ZSFG-EVT-SEGALLOC-ERR Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-POOLDEFINE-ERR Event Management Recommended Action Follow the recovery action given for the underlying file system error (SEGMENT_ALLOCATE_). Possible recovery may include increasing the amount of free space on the volume; using NSKCOM to specify swap space; or increasing swap space. Use the information provided in the EMS message from <2> and <3>, and compare that information with the SEGMENT_ALLOCATE_ of the Guardian Procedure Calls Reference Manual for guidance on proper recovery.
ZSFG-EVT-POOLDEFINE-ERR Event Management ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP).
ZSFG-EVT-POOLGETSPACE-ERR Event Management Subsystem Action A file system error occurred while designating a memory pool with the POOL_DEFINE_ procedure in the flat segment. All pattern matching requests will be handled using file system I/O rather than using the application cache. Recommended Action Follow the recovery action given for the underlying file system error (POOL_DEFINE_). This error is not likely to occur, as most errors are caused by programmatic problems, not system resource problems.
ZSFG-EVT-POOLGETSPACE-ERR Event Management ZEMS-TKN-EVENTNUMBER is the event number. Its value is ZSFG-EVT-FILE-LOCKED. ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message.
ZSFG-EVT-POOLGETSPACE-ERR Event Management ZSFG-POOL-ADDR is the pool address. This value corresponds to the value <6> in the text message. Subsystem Action A file system error occurred while requesting space from the memory pool. All pattern matching requests will be handled using file system I/O rather than using the application cache. Recommended Action Follow the recovery action given for the underlying file system error (POOL_GETSPACE_).
ZSFG-EVT-MAX-LIMIT-CON-UA-REQ Event Management ZSFG-EVT-MAX-LIMIT-CON-UA-REQ Indicates the maximum number of concurrent USER_AUTHENTICATE_ requests that can be serviced.
ZSFG-EVT-MAX-LIMIT-CON-UA-REQ Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZSFG-TKN-MAX-CON-UA-REQ contains the maximum number of concurrent USER_AUTHENTICATE_ requests that can be serviced.
ZSFG-EVT-MAX-CON-UA-REQ-EXCEED Event Management ZSFG-EVT-MAX-CON-UA-REQ-EXCEED The maximum limit for concurrent USER_AUTHENTICATE_ requests was exceeded.
ZSFG-EVT-MAX-CON-UA-REQ-EXCEED Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZSFG-TKN-MAX-CON-UA-REQUESTS contains the number of concurrent USER_AUTHENTICATE_ requests at the time the maximum limit was exceeded.
ZSFG-EVT-THRESHOLD-CON-UA-REQ Event Management ZSFG-EVT-THRESHOLD-CON-UA-REQ This event occurs when the current number of concurrent USER_AUTHENTICATE_ requests exceeds 80%, 85%, 90%, or 95% of the maximum limit. It indicates the current number of concurrent USER_AUTHENTICATE_ requests and the percentage that was exceeded (80%, 85%, 90%, or 95%).
ZSFG-EVT-THRESHOLD-CON-UA-REQ Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CONUA-BELOW-THRESHOLD Event Management ZSFG-EVT-CONUA-BELOW-THRESHOLD Indicates that the current number of concurrent USER_AUTHENTICATE_ requests is below the threshold of 80% of the maximum limit for concurrent USER_AUTHENTICATE_ requests.
ZSFG-EVT-CONUA-BELOW-THRESHOLD Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
A Error Numbers and Error Lists This appendix lists the Safeguard error numbers and describes the corresponding error lists. Symbolic names for errors begin with ZSFG-ERR-. The Safeguard software returns an error list in the response buffer when it detects an error in the command syntax or command execution. Each error list begins with ZSPITKN-ERRLIST and ends with ZSPI-TKN-ENDLIST. The Safeguard software also sets the return token ZSPI-TKN-RETCODE to the error number to identify the error list.
Error Numbers and Error Lists 10 ZSFG-ERR-ORPHANED-ACL 11 ZSFG-ERR-NONPERSIST 12 ZSFG-ERR-PSWD-TOO-SOON 13 ZSFG-ERR-PSWD-DUPLICATE 14 ZSFG-ERR-PSWD-TOO-SHORT 15 ZSFG-ERR-VOL-NONEXISTENT 16 ZSFG-ERR-AUDITFILE-MISSING 17 ZSFG-ERR-AUDITFILE-FOREIGN 18 ZSFG-ERR-AUDITFILE-RLSED 19 ZSFG-ERR-AUDITFILE-INUSE 20 ZSFG-ERR-AUDITPOOL-FULL 21 ZSFG-ERR-AUDITPOOL-MISSING 22 ZSFG-ERR-AUDITPOOL-NOTCURRENT 23 ZSFG-ERR-AUDITPOOL-CURRENT 24 ZSFG-ERR-AUDITPOOL-NEXT 25 ZSFG-ERR-AUDITPOOL-DIRTY 26
Error Numbers and Error Lists 43 ZSFG-ERR-GROUP-NAME-NOTFOUND 44 ZSFG-ERR-PRI-GROUP-NOTFOUND 45 ZSFG-ERR-GROUP-ID-EXISTS 46 ZSFG-ERR-GROUP-NAME-EXISTS 47 ZSFG-ERR-CANT-START-PROCESS 48 ZSFG-ERR-MAX-PROC-EXCEEDED 49 ZSFG-ERR-PROGFILE-NULL 50 ZSFG-ERR-PROGFILE-REQUIRED 51 ZSFG-ERR-PROC-ENABLED 52 ZSFG-ERR-PSWD-QUAL-DENIED 53 ZSFG-ERR-PSWD-QUAL-REJECT 54 ZSFG-ERR-GROUP-SECVIOL 55 ZSFG-ERR-MEMBER-UPDATE 56 ZSFG-ERR-NO-MEMBER-UPDATE 57 ZSFG-ERR-SEL-CMPR-INV 58 ZSFG-ERR-USERID-EXIS
Error Numbers and Error Lists 74 ZSFG-ERR-PSWD-MINLEN-GT-MAXLEN 1 75 ZSFG-ERR-PSWD-MINLEN-DES-CLR 1 76 ZSFG-ERR-PSWD-MAXLEN-TOO-BIG 1 77 ZSFG-ERR-PSWD-MAXLEN-TOO-SMALL 1 78 ZSFG-ERR-PSWD-ATTRIB-NEED-HMAC & 79 ZSFG-ERR-PSWD-MAXLEN-LESS-MINLEN & 80 ZSFG-ERR-PSWD-LONG & 81 ZSFG-ERR-COMP-MODE & 82 ZSFG-ERR-PSWD-QUAL-NEED-HMAC 2 83 ZSFG-ERR-PSWD-SPACE-NEED-CMOFF 2 84 ZSFG-ERR-PSWD-MIN-QUAL 2 85 ZSFG-ERR-PSWD-INVALID-PASS 2 86 ZSFG-ERR-PSWD-EMBED-SPACE 2 87 ZSFG-ERR-PSWD-CRIT-FAIL 2 E
ZSFG-ERR-SMALLUSERIDFILE Error Numbers and Error Lists ZSFG-ERR-SMALLUSERIDFILE An attempt was made to add default protection for a user, but the user ID file's record size was too small to support default protection. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-INTERNAL Error Numbers and Error Lists step with a system load. If the Safeguard subsystem is not included with system generation, either perform a system load or perform these steps: 1. Stop and start the Safeguard software. 2. Use the PUP DOWN command to bring down all Expand line handlers, and then use PUP UP to bring up all Expand line handlers. 3. Check to determine if any other processes that open the USERID file have not switched: 4> fup listopens $SYSTEM.SYSTEM.
Error Numbers and Error Lists ZSFG-TKN-SFG-ERR is a further definition of the internal error. Probable Cause A programming problem occurred within the Safeguard software. Recommended Action Contact your HP representative.
ZSFG-ERR-SUBJGROUPNUM Error Numbers and Error Lists ZSFG-ERR-SUBJGROUPNUM An attempt was made to ADD USER with a group number in conflict with the existing group name and number. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-SQLOBJECT Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSUBJGROUPNAME. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-LICENSENONOBJ Error Numbers and Error Lists Probable Cause An attempt was made to add protection for an SQL disk file. The Safeguard software does not support SQL objects. Recommended Action Consider securing the data base by protecting SUBVOLUMEs or VOLUMEs. ZSFG-ERR-LICENSENONOBJ An attempt was made to license a disk file that was not an object file.
ZSFG-ERR-PROGIDNONOBJ Error Numbers and Error Lists ZSFG-ERR-PROGIDNONOBJ An attempt was made to set the PROGID for a disk file that was an object file. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-SYS-NOT-FOUND Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRMAX-ACL-EXCEEDED. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-ORPHANED-ACL Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause During an ADD REMOTEPASSWORD command, the specified system is not part of the network. Recommended Action Correct the system name portion of the object name. ZSFG-ERR-ORPHANED-ACL An attempt was made to add or alter protection, with the resulting ACL denying all owners access.
ZSFG-ERR-NONPERSIST Error Numbers and Error Lists ZSFG-ERR-NONPERSIST An attempt was made to perform the ALTER PROTECTION DISKFILE command, with the PERSISTENT attribute off, but the file did not exist. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-PSWD-DUPLICATE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRPSWD-TOO-SOON. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-TOO-SHORT Error Numbers and Error Lists Probable Cause An attempt was made to perform the ALTER USER command, specifying the password attribute. The new password was found in the password history. Recommended Action Select a new password that is not in the password history. ZSFG-ERR-PSWD-TOO-SHORT An attempt was made to perform the ALTER USER command, specifying the password attribute. The new password was shorter than the Safeguard attribute PASSWORD-MINIMUM-LENGTH.
ZSFG-ERR-VOL-NONEXISTENT Error Numbers and Error Lists ZSFG-ERR-VOL-NONEXISTENT An attempt was made to perform the ADD PROTECTION DISKFILE command, and the volume in question does not exist, or an attempt was made to add or alter some attribute to a nonexistent volume.
ZSFG-ERR-AUDITFILE-MISSING Error Numbers and Error Lists ZSFG-ERR-AUDITFILE-MISSING An attempt was made to perform the RELEASE AUDIT FILE (FILESET) command, but the audit file in question did not exist. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-AUDITFILE-RLSED Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRAUDITFILE-FOREIGN. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-AUDITFILE-RLSED Error Numbers and Error Lists Probable Cause An attempt was made to perform the RELEASE AUDIT FILE (FILESET) command, but the audit file had already been released. Recommended Action If necessary, change the reference to the correct audit file.ZSFG-ERR-AUDITFILEINUSE An attempt was made to perform the RELEASE AUDIT FILE (FILESET) command, but the audit file was already in use.
ZSFG-ERR-AUDITPOOL-FULL Error Numbers and Error Lists ZSFG-ERR-AUDITPOOL-FULL An attempt was made to perform the NEXTFILE (SWITCH FILESET) command, but the audit pool had no available audit files. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-AUDITPOOL-NOTCURRENT Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRAUDITPOOL-MISSING. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-AUDITPOOL-CURRENT Error Numbers and Error Lists Probable Cause An attempt was made to execute NEXTFILE (SWITCH FILESET) when the audit pool referenced was not the current audit pool. Recommended Action Change the value of ZCOM-TKN-OBJNAME to that for the current audit pool. You can give it a value of null, which indicates the current audit pool.
ZSFG-ERR-AUDITPOOL-NEXT Error Numbers and Error Lists ZSFG-ERR-AUDITPOOL-NEXT An attempt was made to perform the ALTER SUBSYS command specifying the CURRENT audit pool attribute, when the audit pool in question was already in use as the NEXT audit pool.
ZSFG-ERR-LU-INUSE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRAUDITPOOL-DIRTY. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-MAX-LUS-DEFINED Error Numbers and Error Lists Probable Cause An attempt was made to perform the DELETE TERMINAL (LU) command when the terminal definition in question was in the THAWED state. Recommended Action Perform a FREEZE TERMINAL prior to the DELETE TERMINAL. ZSFG-ERR-MAX-LUS-DEFINED An attempt was made to ADD TERMINAL (LU) when the maximum number of terminals have already been defined.
ZSFG-ERR-CANT-START-CI Error Numbers and Error Lists ZSFG-ERR-CANT-START-CI A command interpreter cannot be started. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZCMK-TKN-NPERR ZCMK-TKN-NPERR ZCMK-TKN-PROC-ORD ZSPI-TKN-ENDLIST token token token token token token token type type type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-ENUM ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-ALIASGUARDIANID Error Numbers and Error Lists ZSFG-ERR-ALIASGUARDIANID An attempt was made to perform the ADD ALIAS command when the specified USERID token does not exist. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-ORPHANEDALIAS Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRALIASGUARDNAME. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-GUARDALIASNAME Error Numbers and Error Lists Probable Cause An attempt was made to perform the DELETE USER command when the user has aliases defined for it. Recommended Action Delete all aliases for the user before attempting to delete the user. ZSFG-ERR-GUARDALIASNAME An attempt was made to perform the ADD USER command when the user name already exists as an alias.
ZSFG-ERR-SEEP-AUTHN-BUSY Error Numbers and Error Lists ZSFG-ERR-SEEP-AUTHN-BUSY An attempt was made to enable the event-exit process for authentication when another event-exit process has already been enabled for authentication.
ZSFG-ERR-SEEP-PSWD-BUSY Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSEEP-AUTHZ-BUSY. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZCMK-TKN-XPNAME is the process name of the event-exit process.
ZSFG-ERR-GROUP-MEMBERS Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZCMK-TKN-XPNAME is the process name of the event-exit process. This token is always present in the error list. Probable Cause An attempt was made to enable the event-exit process for password quality when another event-exit process has already been enabled for password quality.
ZSFG-ERR-GROUP-DERIVED Error Numbers and Error Lists Recommended Action Use ALTER GROUP to remove all members before attempting to delete the group. ZSFG-ERR-GROUP-DERIVED An attempt was made to remove a member from a group when the group is the member’s administrative group.
ZSFG-ERR-GROUP-PRIMARY Error Numbers and Error Lists ZSFG-ERR-GROUP-PRIMARY An attempt was made to alter a user or alias and set the primary group to a group to which the user or alias does not belong.
ZSFG-ERR-GROUP-MAX Error Numbers and Error Lists ZSFG-ERR-GROUP-MAX An attempt was made add a member to group when the member already belongs to the maximum number of groups. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSFG-TKN-GROUPNAME ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-GROUP-NAME-NOTFOUND Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRGROUP-ID-NOTFOUND. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZSFG-TKN-GROUPID is the group ID of the group.
ZSFG-ERR-PRI-GROUP-NOTFOUND Error Numbers and Error Lists ZSFG-TKN-GROUPNAME is the name of the group. This token is always present in the error list. Probable Cause An internal error occurred while you were attempting to update a member’s group list. Recommended Action Contact your HP representative. ZSFG-ERR-PRI-GROUP-NOTFOUND An internal error occurred while you were attempting to update a member’s primary group.
ZSFG-ERR-GROUP-ID-EXISTS Error Numbers and Error Lists ZSFG-ERR-GROUP-ID-EXISTS An attempt was made to perform ADD GROUP, but the group number already exists. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSFG-TKN-GROUPID ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-INT2 ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-CANT-START-PROCESS Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRGROUP-NAME-EXISTS. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZSFG-TKN-GROUPNAME is the name of the group.
ZSFG-ERR-MAX-PROC-EXCEEDED Error Numbers and Error Lists ZCMK-TKN-NPERR is the PROCESS_CREATE_ error code, in two parts, identifying the error. This token is always present in the error list. ZCMK-TKN-PROC-ORD is the procedure ordinal for PROCESS_CREATE_. This token is always present in the error list. Probable Cause PROCESS_CREATE_ returned an error in an attempt to start the event-exit process. Recommended Action Varies depending on the nature of the error.
ZSFG-ERR-PROGFILE-NULL Error Numbers and Error Lists Probable Cause An attempt was made to perform ADD PROCESS, but the maximum number is already defined. Recommended Action Delete an event-exit process before adding a new one. ZSFG-ERR-PROGFILE-NULL An attempt was made to perform ALTER PROCESS to clear the program file name, but the process is enabled.
ZSFG-ERR-PROGFILE-REQUIRED Error Numbers and Error Lists ZSFG-ERR-PROGFILE-REQUIRED An attempt was made to enable the event-exit process, but no program file name has been defined. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-PARM-ERROR ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-PARM-ERR ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-PSWD-QUAL-DENIED Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRPROC-ENABLED. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-QUAL-REJECT Error Numbers and Error Lists Recommended Action Troubleshoot the event-exit process. ZSFG-ERR-PSWD-QUAL-REJECT The event-exit process rejected as invalid a password that was sent to it.
ZSFG-ERR-GROUP-SECVIOL Error Numbers and Error Lists ZSFG-ERR-GROUP-SECVIOL An internal error occurred while you were attempting to add to a member’s group list. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSFG-TKN-GROUPNAME ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-NO-MEMBER-UPDATE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRMEMBER-UPDATE. This token is always present in the error list. The ZSPI-TKN-ERROR token in the nested error list provides additional details about this event. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred.
ZSFG-ERR-SEL-CMPR-INV Error Numbers and Error Lists The ZSPI-TKN-ERROR token in the nested error list provides additional details about this event. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause An attempt to add or remove one or more members failed because the group list could not be updated. A common problem is lack of available memory. Recommended Action Correct the indicated problem.
ZSFG-ERR-USERID-EXISTS Error Numbers and Error Lists Recommended Action Specify a valid selection expression. ZSFG-ERR-USERID-EXISTS An attempt was made to perform ADD USER, but the specified user ID already exists.
ZSFG-ERR-SEEP-ALREADY-DEFINED Error Numbers and Error Lists ZSFG-ERR-SEEP-ALREADY-DEFINED An attempt was made to add an event-exit-process with a process name that is already in use by another event exit-process.
ZSFG-ERR-WARNMODE-OBJTYPE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSMALLUSERIDFILE. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PAT-BAD-VOLNAME Error Numbers and Error Lists Probable Cause The warning-mode attribute was specified for an object that is not a disk file, subvolume, volume, subdevice, device, subprocess, or process. Recommended Action Specify the correct type of object, or omit the warning-mode attribute. ZSFG-ERR-PAT-BAD-VOLNAME An ADD command was specified and the volume name of a pattern contained a wildcard.
ZSFG-ERR-PAT-MISSING-ALL Error Numbers and Error Lists ZSFG-ERR-PAT-MISSING-ALL The volume name of a pattern contained a wildcard, the command specified was ALTER/DELETE/FREEZE/INFO/LISTOBJECTS/THAW, or no token ZCOM-TKN-SUB with a ZCOM-VAL-SUB-ALL value was present.
ZSFG-ERR-MAX-CONUAREQ-EXCEEDED Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSMALLUSERIDFILE. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-TRUSTNONOBJ Error Numbers and Error Lists Recommended Action Note. The error ZSFG-ERR-MAX-CONUAREQ-EXCEEDED is supported only on systems running G06.27 and later G-series RVUs and H-series RVUs. When the maximum limit for concurrent USER_AUTHENTICATE_ requests is reached, wait at least two minutes before issuing the next request. ZSFG-ERR-TRUSTNONOBJ An attempt was made to assign a value to the TRUST attribute of a disk file that is not an object file.
ZSFG-ERR-MAX-OWN-EXCEEDED Error Numbers and Error Lists ZSFG-ERR-MAX-OWN-EXCEEDED An attempt to add or alter a user or alias record failed because the number of owners in the resulting OWNER-LIST would have exceeded the maximum allowed by Safeguard.
ZSFG-ERR-OWNER-LIST-INV-OWNER Error Numbers and Error Lists ZSFG-ERR-OWNER-LIST-INV-OWNER An attempt to add or alter a user or alias record specified a nonexistent user. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYPE-STRING ZSPI-TYPE-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-OBJECTFCB-DIR-FULL Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRDESC-TEXTDATA-INVALID. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PATOBJECTFCB-DIR-FULL Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause Safeguard cannot open more than 1000 SAFE.GUARD files. Any attempt to issue commands like ADD or INFO that makes Safeguard to open more than 1000 SAFE.GUARD files residing on different disks (including virtual disks), returns this error. Recommended Action None Note.
Error Numbers and Error Lists ZSFG-ERR-ACL-AUTHORITY-INVALID Recommended Action None Note. The error token ZSFG-ERR-PATOBJECTFCB-DIR-FULL is supported only on systems running G06.29 and later G-series RVUs and H06.08 and later H-series RVUs. ZSFG-ERR-ACL-AUTHORITY-INVALID An attempt was made to specify the ACL authority for security group.
ZSFG-ERR-PSWD-MINLEN-GT-MAXLEN Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSECURITY-GROUP-INV. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-MINLEN-DES-CLR Error Numbers and Error Lists ZSFG-TKN-PSWD-MIN-LENGTH is the minimum length of the password. ZSFG-TKN-PSWD-MAX-LENGTH is the maximum length of the password. Probable Cause The PASSWORD-MINIMUM-LENGTH specified is greater than the PASSWORD-MAXIMUM-LENGTH. Recommended Action The PASSWORD-MINIMUM-LENGTH should be less than or equal to the PASSWORD-MAXIMUM-LENGTH. Note. The error token ZSFG-ERR-PSWD-MINLEN-GT-MAXLEN is supported only on systems running H06.
ZSFG-ERR-PSWD-MAXLEN-TOO-BIG Error Numbers and Error Lists ZSFG-TKN-PSWD-MIN-LENGTH is the minimum length of the password. Probable Cause The PASSWORD-MINIMUM-LENGTH specified is greater than eight when PASSWORD-ALGORITHM is DES and PASSWORD-ENCRYPT is OFF. Recommended Action The PASSWORD-ALGORITHM should be HMAC256 and the PASSWORD-ENCRYPT should be ON. Note. The error token ZSFG-ERR-PSWD-MINLEN-DES-CLR is supported only on systems running H06.08 and later H-series RVUs.
Error Numbers and Error Lists ZSFG-ERR-PSWD-MAXLEN-TOO-SMALL Probable Cause An attempt was made to change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value greater than 64. Recommended Action Change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value lesser than or equal to 64. Note. The error token ZSFG-ERR-PSWD-MAXLEN-TOO-BIG is supported only on systems running H06.08 and later H-series RVUs.
ZSFG-ERR-PSWD-ATTRIB-NEED-HMAC Error Numbers and Error Lists Recommended Action Change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value greater than or equal to eight. Note. The error token ZSFG-ERR-PSWD-MAXLEN-TOO-SMALL is supported only on systems running H06.08 and later H-series RVUs. ZSFG-ERR-PSWD-ATTRIB-NEED-HMAC An attempt was made to change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH, when PASSWORD-ALGORITHM is DES and PASSWORD-ENCRYPT is OFF.
Error Numbers and Error Lists ZSFG-ERR-PSWD-MAXLEN-LESS-MINLEN Recommended Action The PASSWORD-ALGORITHM should be HMAC256 and PASSWORD-ENCRYPT should be ON. Note. The error token ZSFG-ERR-PSWD-ATTRIB-NEED-HMAC is supported only on systems running H06.08 and later H-series RVUs. ZSFG-ERR-PSWD-MAXLEN-LESS-MINLEN An attempt was made to change the value of the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value less than PASSWORD-MINIMUM-LENGTH.
ZSFG-ERR-PSWD-LONG Error Numbers and Error Lists Recommended Action The Safeguard attribute PASSWORD-MAXIMUM-LENGTH should be greater than or equal to PASSWORD-MINIMUM-LENGTH. Note. The error token ZSFG-ERR-PSWD-MAXLEN-LESS-MINLEN is supported only on systems running H06.08 and later H-series RVUs. ZSFG-ERR-PSWD-LONG An attempt was made to change or set the password to a length greater than the value specified by the PASSWORD-MAXIMUM-LENGTH.
ZSFG-ERR-COMP-MODE Error Numbers and Error Lists ZSFG-ERR-COMP-MODE An attempt was made to change or set the password to a length greater than eight characters, when PASSWORD-COMPATIBILITY-MODE is set to ON. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
Error Numbers and Error Lists ZSFG-ERR-PSWD-SPACE-NEED-CMOFF Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERR-PSWD-QUAL-NEED-HMAC. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-MIN-QUAL Error Numbers and Error Lists Probable Cause An attempt was made to change or set the attribute PASSWORD-SPACE-ALLOWED, when PASSWORD-ALGORITHM is DES PASSWORD-ENCRYPT is OFF, or PASSWORD-COMPATIBILITY-MODE is ON. Recommended Action The PASSWORD-ALGORITHM should be set to HMAC256, PASSWORD-ENCRYPT should be set to ON, and PASSWORD-COMPATIBILITY-MODE should be set to OFF.
ZSFG-ERR-PSWD-INVALID-PASS Error Numbers and Error Lists Recommended Action PASSWORD-MIN-QUALITY-REQUIRED should be set to a value less than or equal to the number of individual password quality attributes set to ON. ZSFG-ERR-PSWD-INVALID-PASS The password contains comma (,), semicolon (;), or quote (“).
ZSFG-ERR-PSWD-CRIT-FAIL Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERR-PSWD-EMBEDDED-SPACE. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-DUPLICATE-TKN Error Numbers and Error Lists Recommended Action Password given should meet the minimum password quality criteria. ZSFG-ERR-PSWD-DUPLICATE-TKN An attempt was made to change or set the password by specifying both the tokens zsfg-tkn-pswd and zsfg-tkn-pswd64.
Error Numbers and Error Lists -14: ZCOM-ERR-NO-MEM-SPACE -15: ZCOM-ERR-OBJ-ALRDY-DEF -17: ZCOM-ERR-OBJ-NOT-FOUND -18: ZCOM-ERR-OBJ-NOT-SUPP -19: ZCOM-ERR-OBJNAME-INV -22: ZCOM-ERR-SECUR-VIOL -23: ZCOM-ERR-SPI-ERR -24: ZCOM-ERR-SSID-INV -26: ZCOM-ERR-TKN-CODE-INV -27: ZCOM-ERR-TKN-DUP -28: ZCOM-ERR-TKN-LEN-INV -29: ZCOM-ERR-TKN-REQ -30: ZCOM-ERR-TKN-VAL-INV -32: ZCOM-ERR-VSN-INCOMP -33: ZCOM-ERR-EMPT-RSP -35: ZCOM-ERR-CNTXT-CODE-INV -36: ZCOM-ERR-TKN-CNTXT-VAL-INV Safeguard
B Example of Sharing a Binary Description Field The binary description field associated with a user or alias authentication record can be shared among multiple vendors. The field structure provides subfields for a vendor-ID, length, and data. Vendors must cooperate on the use of this field. HP assigns and maintains vendor IDs. Following is an example of code for sharing a user/alias binary description field among multiple vendors. Note. The binary description field is supported only on systems running G06.
Example of Sharing a Binary Description Field strcpy(&v[0].info[2], "Safeguard Subsystem - T9750"); /* v[0] will contain nonprintable data. */ BinaryBuf.length = sizeof(struct vendor); sprintf(BinaryBuf.string,"%s%d%s", v[0].ssid, v[0].length, v[0].info); 2. Add the binary description field to the user/alias record using an SPI procedure. For example: SSPUTTKN (spibuf, tok, (char*)value,,(short*)&sfg_ssid); where is the SPI buffer to be sent. is the binary description token ZSFG-TKN-DESC_BIN.
Example of Sharing a Binary Description Field c. ALTER the user/alias record with the binary description field by using an SPI procedure. For example: SSPUTTKN (spibuf, tok, (char*)value ,, (short*)&sfg_ssid); where spibuf is the SPI buffer to be sent. tok is the binary description token ZSFG-TKNDESC_BIN. value is the structure (BinaryBuf) to be stored in the binary description record. sfg_ssid is the Safeguard subsystem ID.
Example of Sharing a Binary Description Field Safeguard Management Programming Manual—422086-012 B- 4
Glossary This glossary defines terms used in this manual and in related manuals for Distributed Systems Management. action command. A command that results in action on an object, as opposed to retrieval of information. See also information command. action event. An event that requires operator action to resolve. Each subsystem determines what events are action events by including a unique EMS token in the event message.
command number Glossary command number. A number that represents a particular command to a subsystem. Each subsystem or management process with a token-oriented programmatic interface can have its own set of command numbers, which are represented in DDL by constants and in programs by TAL literals or defines, COBOL level-01 variables, C #defines, or TACL text variables. The command number is a header token in command and response messages. compatibility.
context-sensitive server Glossary context-sensitive server. A server that retains information about previous processing. For instance, in performing a command on a list of objects, a context-sensitive subsystem might retain, between response messages, the name of the object it last processed. Context-sensitive servers limit or complicate the requester’s ability to interrupt or abandon the continuation of a series of response messages. context token.
current position Glossary current position. The location in the SPI buffer of the token whose token code, token value, or attribute has just been retrieved. Scans for the next token code (with the operations ZSPI-TKN-NEXTCODE and ZSPI-TKN-NEXTTOKEN) begin at the current position but always return a token code beyond the current position. See also next position and initial position. current token. The token in the current position. See current position. data communications standard definitions.
Distributed Name Service Glossary Distributed Name Service. A subsystem for the NonStop server that manages a distributed database of names. It allows you to store in your database the names (and aliases) of system and network objects, facts about their relationships, and instructions for replicating name definitions on remote nodes. The completed database, which you update as needed to reflect configuration changes, is an online resource to operators and management applications.
end-list token Glossary end-list token. A syntax token that ends a list. SPI defines a single end-list token, whose token code is ZSPI-TKN-ENDLIST. See also list token and syntax token. enumerated type. A 16-bit signed data type that has one of a specified list of values with designated meanings. The enumerated type is one of the standard token data types defined by SPI, but the list of acceptable values and what they mean varies depending on the token number and is defined by the subsystem. error.
event message Glossary event message. In programmatic interfaces based on SPI, a special kind of SPI message that describes an event occurring in the system or network. extensible structure. A structure declared for the value of an extensible structured token. See extensible structured token. Compare to fixed structure. extensible structured token. A token consisting of a token code and a value that is an extensible structure.
header token Glossary header token. A special kind of token that provides information pertaining to the SPI message as a whole. The header tokens are typically items common to all or most messages of a specific kind.
Linkage Section Glossary subsystem defines an is-present field referring to the contents of another field only if no null value can be recognized because every value that can fit in the other field is meaningful to the subsystem. Linkage Section. The SCREEN COBOL source program section that describes the structure of parameter data passed to a SCREEN COBOL subprogram by a CALL statement. See extras. list.
maximum field version Glossary maximum field version. In an SPI message, the latest version associated with any non-null field of any extensible structured token in the message. The maximum field version of the SPI message is contained in a header token. It corresponds to the version of the oldest server or requester that can successfully process the message. message. A block of information, usually in the form of a structure, that is sent from one process to another. See also SPI message. message buffer.
object Glossary made no explicit assignment to that field after calling the SSNULL procedure to initialize the structure. object. In SPI, an entity subject to independent reference and control by a subsystem; for example, the disk file $DATA or the data communications line $X2502. An object typically has a name and a type known to the controlling subsystem. In DDL, an item in a dictionary. DDL assigns each object a unique object number for identification. object-name template.
pass-through error Glossary object-name tokens, and subsystem-control tokens. See also syntax token. In event management, a token representing a parameter passed by an application to an eventmessage filter. These tokens are kept in a parameter buffer. For more information, see the EMS Manual. pass-through error. An error originally reported by one subsystem or system component but included in a response record produced by another subsystem.
qualified token code Glossary qualified token code. A token code that includes a subsystem ID. requester version. The software revision level of the definition files used in the compilation of a requester. Each subsystem has its own definitions, so the requester version can differ in requests to different subsystems. response. The information or confirmation supplied by a subsystem in reaction to a command.
sensitive command Glossary sensitive command. A command that can be issued only by a restricted set of users, such as the super group, because the subsystem restricts access to the command. For data communications subsystems, the sensitive commands are those that can change the state or configuration of objects. So for these subsystems, the sensitive commands are also action commands. See also nonsensitive command. server version.
SPI definitions Glossary codes for SSPUT are examples of SPI control codes. An SPI control code is a kind of special operation. See special operation. SPI definitions. See SPI standard definitions. SPI error number. A number that indicates whether a call to an SPI procedure completed successfully and why it failed if it did. This number is returned in the status parameter on calls to the SPI procedures. The SPI error number does not reflect the success or failure of a command.
Glossary status server, status collection server status server, status collection server. A server that gathers data. HP provides a default status server. You can write and configure additional status servers to augment or replace the functionality of the default status server. Typically, a status server issues programmatic commands to subsystems to find out how many or how much of some resource is available—for example, how many network nodes are available or how many terminals are up.
subsystem-control token Glossary subsystem-control token. A parameter token that influences how a subsystem performs a command. For instance, the standard SPI token ZSPI-TKN-ALLOW-TYPE, supported by some subsystems, is a subsystem-control token. It determines under what conditions the subsystems continue command processing on the next object in a sequence if errors or warnings occur. See also response-control token. subsystem definitions.
symbolic name Glossary to states. Examples of summary states are STARTED, STOPPED, SUSPENDED, ABORTING, and DIAGNOSTIC. symbolic name. A name used in programs to refer to a value or a variable. HP provides definition files that declare symbolic names for values, token codes, token maps, extensible structures, and other related variables used in management applications. syntax token. A token whose function is not to provide information for a command or response but to bracket or group other tokens.
token number Glossary token number. The number used by a subsystem to identify each kind of token that it defines. The token type and the token number together form the token code. token-oriented. Said of a programmatic interface that conveys information as a series of code-value pairs accessed by code rather than by address or ordinal position. SPI is used by application programs and subsystems to provide a token-oriented programmatic interface. token type.
warning Glossary Safeguard Management Programming Manual—422086-012 Glossary -20
Index A Action events 8-1 ACTIVATE ALIAS command 7-3 ACTIVATE PROTECTIONRECORD command 7-5 ACTIVATE TERMINAL (LU) command 7-7 ACTIVATE USER command 7-9 ADD ALIAS command 7-11 ADD AUDIT POOL command 7-25 ADD EVENT-EXIT-PROCESS command 7-27 ADD GROUP command 7-32 ADD PROTECTIONRECORD command 7-35 ADD REMOTEPASSWORD command 7-43 ADD TERMINAL (LU) command 7-46 ADD USER command 7-50 Alias authentication records adding 7-11 altering 7-63 deleting 7-114 obtaining information 7-132 suspending 7-191 Alias names, lis
C Index Command Buffer (continued) ALTER EVENT-EXIT-PROCESS command 7-73 ALTER GROUP command 7-76 ALTER PROTECTIONRECORD command 7-80 ALTER REMOTEPASSWORD command 7-84 ALTER SUBSYSTEM command 7-89 ALTER TERMINAL command 7-103 ALTER USER command 7-109 DELETE ALIAS command 7-114 DELETE AUDIT POOL command 7-116 DELETE EVENT-EXIT-PROCESS command 7-118 DELETE GROUP command 7-122 DELETE PROTECTIONRECORD command 7-120 DELETE REMOTEPASSWORD command 7-124 DELETE TERMINAL command 7-126 DELETE USER command 7-128 GET
D Index Commands (continued) DELETE EVENT-EXITPROCESS 7-118 DELETE GROUP 7-122 DELETE PROTECTIONRECORD 7-120 DELETE REMOTEPASSWORD 7-124 DELETE TERMINAL (LU) 7-126 DELETE USER 7-128 description of 7-1 discontinuing 5-2 GETVERSION 7-130 INFO ALIAS 7-132 INFO AUDIT POOL 7-137 INFO EVENT-EXIT-PROCESS (PROC) 7-139 INFO GROUP 7-142 INFO PROTECTIONRECORD 7-145 INFO REMOTEPASSWORD 7-150 INFO SUBSYSTEM 7-153 INFO TERMINAL (LU) 7-158 INFO USER 7-161 LISTOBJECTS 7-166 LISTOBJECTS ALIAS 7-168 LISTOBJECTS USER 7-170
E Index Errors Safeguard Errors A-73 ZSFG-ERR-ALIASGUARDIANID A-28 ZSFG-ERR-ALIASGUARDNAME A-28 ZSFG-ERR-AUDITFILEFOREIGN A-18 ZSFG-ERR-AUDITFILE-INUSE A-20 ZSFG-ERR-AUDITFILEMISSING A-18 ZSFG-ERR-AUDITFILE-RLSED A-19 ZSFG-ERR-AUDITPOOLCURRENT A-23 ZSFG-ERR-AUDITPOOL-DIRTY A-24 ZSFG-ERR-AUDITPOOL-FULL A-21 ZSFG-ERR-AUDITPOOLMISSING A-21 ZSFG-ERR-AUDITPOOL-NEXT A-24 ZSFG-ERR-AUDITPOOLNOTCURRENT A-22 ZSFG-ERR-CANT-START-CI A-27 ZSFG-ERR-CANT-STARTPROCESS A-40 ZSFG-ERR-COMP-MODE A-68 ZSFG-ERR-GROUP-DERIVED A
E Index Errors (continued) ZSFG-ERR-SEEP-AUTHZBUSY A-31, A-61, A-62, A-63, A-64, A-65, A-66, A-67, A-68, A-69, A-70, A-71, A-72, A-73 ZSFG-ERR-SEEP-PSWD-BUSY A-32 ZSFG-ERR-SEL-CMPR-INV A-48 ZSFG-ERR-SMALLUSERIDFILE A-5 ZSFG-ERR-SQLOBJECT A-9 ZSFG-ERR-SUBJGROUPNAME A-8 ZSFG-ERR-SUBJGROUPNUM A-8 ZSFG-ERR-SYS-NOT-FOUND A-12 ZSFG-ERR-USERID-EXISTS A-49 ZSFG-ERR-VOL-NONEXISTENT A-17 ZSFG-ERR-WARNMODEOBJTYPE A-51 Errors COM-ERR-OBJNAME-INV ALTER REMOTEPASSWORD command 7-85 Errors ZCOM-ERR-AUDITFILE-FOREIGN RELE
E Index Errors ZCOM-ERR-FS-ERR (continued) INFO USER command 7-165 NEXTFILE command 7-176 RELEASE AUDIT FILE command 7-178 START TERMINAL command 7-180 STATUS ALIAS command 7-182 STATUS PROTECTIONRECORD command 7-184 STATUS SUBSYSTEM command 7-186 STATUS USER command 7-188 STOP command 7-189 SUSPEND ALIAS command 7-192 SUSPEND PROTECTIONRECORD command 7-193 SUSPEND TERMINAL command 7-195 SUSPEND USER command 7-198 Errors ZCOM-ERR-internal ALTER AUDIT POOL command 7-72 INFO AUDIT POOL command 7-138 RELEASE
E Index Errors ZCOM-ERR-NO-MEMSPACE (continued) INFO PROTECTIONRECORD command 7-148 INFO REMOTEPASSWORD command 7-151 INFO SUBSYSTEM command 7-156 INFO TERMINAL command 7-159 INFO USER command 7-165 START TERMINAL command 7-180 STATUS ALIAS command 7-182 STATUS PROTECTIONRECORD command 7-184 STATUS SUBSYSTEM command 7-186 STATUS USER command 7-188 STOP command 7-190 SUSPEND ALIAS command 7-192 SUSPEND PROTECTIONRECORD command 7-194 SUSPEND TERMINAL command 7-195 SUSPEND USER command 7-198 Errors ZCOM-ERR-
E Index Errors ZCOM-ERR-OBJ-NOT-FOUND ACTIVATE ALIAS command 7-4 ACTIVATE PROTECTIONRECORD command 7-6 ACTIVATE USER command 7-10 ADD REMOTEPASSWORD command 7-45 ALTER ALIAS command 7-68 ALTER AUDIT POOL command 7-72 ALTER EVENT-EXIT-PROCESS command 7-74 ALTER GROUP command 7-77 ALTER PROTECTIONRECORD command 7-82 ALTER REMOTEPASSWORD command 7-85 ALTER TERMINAL command 7-104 ALTER USER command 7-111 DELETE ALIAS command 7-115 DELETE AUDIT POOL command 7-117 DELETE EVENT-EXIT-PROCESS command 7-119 DELETE
E Index Errors ZCOM-ERR-SECURVIOL (continued) DELETE EVENT-EXIT-PROCESS command 7-119 DELETE PROTECTIONRECORD command 7-121 DELETE REMOTEPASSWORD command 7-125 DELETE TERMINAL command 7-127 DELETE USER command 7-129 INFO ALIAS command 7-136 INFO AUDIT POOL command 7-138 INFO EVENT-EXIT-PROCESS command 7-140 INFO GROUP command 7-144 INFO PROTECTIONRECORD command 7-149 INFO REMOTEPASSWORD command 7-151 INFO SUBSYSTEM command 7-157 INFO TERMINAL command 7-159 INFO USER command 7-165 NEXTFILE command 7-176 RE
E Index Errors ZCOM-ERR-SPI-ERR (continued) STOP command 7-190 SUSPEND ALIAS command 7-192 SUSPEND PROTECTIONRECORD command 7-194 SUSPEND TERMINAL command 7-196 SUSPEND USER command 7-198 Errors ZCOM-ERR-SSID-INV ACTIVATE ALIAS command 7-5 ACTIVATE PROTECTIONRECORD command 7-7 ACTIVATE TERMINAL command 7-9 ADD ALIAS command 7-22 ADD EVENT-EXIT-PROCESS command 7-30 ADD PROTECTIONRECORD command 7-42 ADD REMOTEPASSWORD command 7-45 ADD TERMINAL command 7-48 ADD USER command 7-61 ALTER ALIAS command 7-68 ALTE
E Index Errors ZCOM-ERR-TKN-CODEINV (continued) ADD EVENT-EXIT-PROCESS command 7-30 ADD PROTECTIONRECORD command 7-42 ADD REMOTEPASSWORD command 7-45 ADD TERMINAL command 7-48 ADD USER command 7-61 ALTER ALIAS command 7-68 ALTER EVENT-EXIT-PROCESS command 7-75 ALTER PROTECTIONRECORD command 7-83 ALTER REMOTEPASSWORD command 7-86 ALTER SUBSYSTEM command 7-102 ALTER TERMINAL command 7-104 ALTER USER command 7-111 DELETE ALIAS command 7-115 DELETE AUDIT POOL command 7-117 DELETE EVENT-EXIT-PROCESS command 7-
E Index Errors ZCOM-ERR-TKN-LEN-INV ADD EVENT-EXIT-PROCESS command 7-30 ADD TERMINAL command 7-48 ALTER EVENT-EXIT-PROCESS command 7-75 ALTER TERMINAL command 7-105 Errors ZCOM-ERR-TKN-REQ ADD ALIAS command 7-22 ADD EVENT-EXIT-PROCESS command 7-31 ADD GROUP command 7-34 ADD REMOTEPASSWORD command 7-45 ADD TERMINAL command 7-49 ADD USER command 7-61 ALTER GROUP command 7-77 ALTER REMOTEPASSWORD command 7-86 ALTER TERMINAL command 7-105 DELETE GROUP command 7-123 Errors ZCOM-ERR-TKN-SSID-INV SUSPEND PROTECT
E Index Errors ZCOM-ERR-VSNINCOMP (continued) RELEASE AUDIT FILE command 7-178 START TERMINAL command 7-180 STATUS ALIAS command 7-182 STATUS PROTECTIONRECORD command 7-184 STATUS SUBSYSTEM command 7-186 STATUS USER command 7-188 STOP command 7-190 SUSPEND TERMINAL command 7-196 Errors ZSFG-ERR-ALIASGUARDIANID ADD ALIAS command 7-21, 7-23 Errors ZSFG-ERR-ALIASGUARDNAME ADD ALIAS command 7-21, 7-23 Errors ZSFG-ERR-AUDITPOOL-NEXT ALTER SUBSYSTEM command 7-102 Errors ZSFG-ERR-AUDITPOOLNOTCURRENT NEXTFILE com
E Index Errors ZSFG-ERR-MEMBER-UPDATE ADD GROUP command 7-34 ALTER GROUP command 7-78 Errors ZSFG-ERR-NO-MEMBER-UPDATE ADD GROUP command 7-34 ALTER GROUP command 7-78 Errors ZSFG-ERR-ORPHANEDALIAS DELETE USER command 7-130 Errors ZSFG-ERR-ORPHANED-ACL ADD ALIAS command 7-23 ADD PROTECTIONRECORD command 7-43 ADD USER command 7-62 ALTER USER command 7-112 Errors ZSFG-ERR-OWNER-LIST-INVOWNER ADD ALIAS command 7-23 ADD USER command 7-62 ALTER ALIAS command 7-70 Errors ZSFG-ERR-PAT-BAD-PATHNAME ALTER PROTECTIO
F Index Errors ZSFG-ERR-SUBJGROUPNAME ADD USER command 7-62 Errors ZSFG-ERR-SUBJGROUPNUM ADD USER command 7-61 Errors ZSFG-ERR-SYS-NOT-FOUND ADD REMOTEPASSWORD command 7-45 DELETE REMOTEPASSWORD command 7-125 Errors ZSFG-ERR-TEXTDATA-INVALID ADD ALIAS command 7-23, 7-63 ALTER USER command 7-113 Errors ZSFG-ERR-TEXTDATA-INVALIDT ALTER ALIAS command 7-70 Errors ZSFG-ERR-TKN-CODE-INV GETVERSION command 7-131 Errors ZSFG-ERR-TRUSTNONOBJ ADD PROTECTIONRECORD command 7-43 ALTER PROTECTIONRECORD command 7-84 Err
G Index G N GETVERSION command 7-130 Group definition records adding 7-32 altering 7-76 Group info 7-142 Group records, deleting 7-122 Network-management applications See Applications NEXTFILE command 7-175 I INFO ALIAS command 7-132 INFO AUDIT POOL command 7-137 INFO EVENT-EXIT-PROCESS (PROC) command 7-139 INFO GROUP command 7-142 INFO PROTECTIONRECORD command 7-145 INFO REMOTEPASSWORD command 7-150 INFO SUBSYSTEM command 7-153 INFO TERMINAL (LU) command 7-158 INFO USER command 7-161 L LISTOBJECTS A
S Index Remote Passwords (continued) altering 7-84 deleting 7-124 obtaining configuration information 7-150 Response Buffer ACTIVATE ALIAS command 7-4 ACTIVATE PROTECTIONRECORD command 7-5 ACTIVATE TERMINAL command 7-8 ACTIVATE USER command 7-10 ADD ALIAS command 7-21 ADD AUDIT POOL command 7-26 ADD EVENT-EXIT-PROCESS command 7-29 ADD GROUP command 7-33 ADD PROTECTIONRECORD command 7-41 ADD REMOTEPASSWORD command 7-44 ADD TERMINAL command 7-47 ADD USER command 7-60 ALTER ALIAS command 7-67 ALTER AUDIT POO
T Index Safeguard Manager Process (continued) startup considerations 3-1 Safeguard subsystem commands accepted by 7-1 management programming for 2-1 responses issued by 7-1 SPI building commands 4-1 decoding responses 4-1 obtaining event messages 4-1 START TERMINAL (LU) command 7-179 STATUS ALIAS command 7-181 STATUS PROTECTIONRECORD command 7-183 STATUS SUBSYSTEM command 7-185 STATUS USER command 7-187 STOP command 7-189 Subsystem altering 7-87 obtaining configuration information 7-153 obtaining status i
T Index Tokens ZCMK-MAP-LISTOP LISTOPENS command 7-173 Tokens ZCMK-TKN-LISTOP-QUALIFS LISTOPENS command 7-174 Tokens ZCMK-TKN-LISTOP-XPNAM LISTOPENS command 7-174 Tokens ZCMK-TKN-PKG-BANNER GETVERSION command 7-131 Tokens ZSFG-MAP-ACCESS ADD PROTECTIONRECORD command 7-39 Tokens ZSFG-MAP-AUTHEN-FAIL-TO ALTER SUBSYSTEM command 7-89 Tokens ZSFG-MAP-DEFAULT-ACCESS ADD ALIAS command 7-19 ADD USER command 7-58 Tokens ZSFG-MAP-DEFAULT-OWNERID ADD ALIAS command 7-19 ADD USER command 7-58 Tokens ZSFG-MAP-DEFAULT-S
T Index Tokens ZSFG-TKN-AUDIT-BY-USER-PASS ADD USER command 7-57 Tokens ZSFG-TKN-AUDIT-DEVICE-ACCFAIL ALTER SUBSYSTEM command 7-95 Tokens ZSFG-TKN-AUDIT-DEVICE-ACCPASS ALTER SUBSYSTEM command 7-95 Tokens ZSFG-TKN-AUDIT-DEVICE-MANFAIL ALTER SUBSYSTEM command 7-94 Tokens ZSFG-TKN-AUDIT-DEVICE-MANPASS ALTER SUBSYSTEM command 7-94 Tokens ZSFG-TKN-AUDIT-FILE-ACC-FAIL ALTER SUBSYSTEM command 7-95 Tokens ZSFG-TKN-AUDIT-FILE-ACCPASS ALTER SUBSYSTEM command 7-95 Tokens ZSFG-TKN-AUDIT-FILE-MAN-FAIL ALTER SUBSYSTEM
T Index Tokens ZSFG-TKN-CHECKSUBPROCESS ALTER SUBSYSTEM command 7-91 Tokens ZSFG-TKN-CHECK-SUBVOL ALTER SUBSYSTEM command 7-92 Tokens ZSFG-TKN-CHECK-VOLUME ALTER SUBSYSTEM command 7-92 Tokens ZSFG-TKN-CI-LIB-XFNAME ADD ALIAS command 7-19 ADD EVENT-EXIT-PROCESS command 7-28 ADD TERMINAL command 7-47 ADD USER command 7-58 ALTER SUBSYSTEM command 7-95 Tokens ZSFG-TKN-CI-NAME ADD ALIAS command 7-20 ADD TERMINAL command 7-47 ADD USER command 7-59 Tokens ZSFG-TKN-CI-PARAM-TEXT ADD ALIAS command 7-20 ADD TERMINA
T Index Tokens ZSFG-TKN-DESCBIN-LEN INFO ALIAS command 7-135 INFO USER command 7-164 Tokens ZSFG-TKN-DESC-BIN ADD ALIAS command 7-21 ADD USER command 7-60 INFO ALIAS command 7-135 INFO USER command 7-164 Tokens ZSFG-TKN-DESC-TEXT ADD ALIAS command 7-20 ADD USER command 7-59 INFO USER command 7-164 Tokens ZSFG-TKN-DESC-TXT INFO ALIAS command 7-135 Tokens ZSFG-TKN-DF-AUDIT-ACCESSFAIL ADD ALIAS command 7-19 ADD USER command 7-58 Tokens ZSFG-TKN-DF-AUDIT-ACCESSPASS ADD ALIAS command 7-19 ADD USER command 7-58
T Index Tokens ZSFG-TKN-LIKEOBJNAME (continued) ADD PROTECTIONRECORD command 7-36 ADD USER command 7-52 Tokens ZSFG-TKN-LU-EXCLUSIVEACCESS ALTER SUBSYSTEM command 7-96 Tokens ZSFG-TKN-MAXEXTENTS ADD AUDIT POOL command 7-26 Tokens ZSFG-TKN-MAXFILES ADD AUDIT POOL command 7-26 Tokens ZSFG-TKN-NAMELOGON ALTER SUBSYSTEM command 7-96 Tokens ZSFG-TKN-NEXTAUDITPOOL ALTER SUBSYSTEM command 7-97 Tokens ZSFG-TKN-PARAM-TEXT ADD EVENT-EXIT-PROCESS command 7-29 Tokens ZSFG-TKN-PASSWORD ADD ALIAS command 7-15, 7-54 ADD
U Index Tokens ZSFG-TKN-PSWD-REQSPECIALCHAR ALTER SUBSYSTEM command 7-100 Tokens ZSFG-TKN-PSWD-SPACESALLOWED ALTER SUBSYSTEM command 7-100 Tokens ZSFG-TKN-REMOTEPASSWORD ADD REMOTEPASSWORD command 7-44 Tokens ZSFG-TKN-RESET-BIN-DESC ALTER ALIAS command 7-67 ALTER USER command 7-110 Tokens ZSFG-TKN-RESET-TEXT-DESC ALTER ALIAS command 7-66 ALTER USER command 7-109 Tokens ZSFG-TKN-RESONSE-TIMEOUT ADD EVENT-EXIT-PROCESS command 7-28 Tokens ZSFG-TKN-SECONDARYEXTENT ADD AUDIT POOL command 7-26 Tokens ZSFG-TKN-S
Z Index ZSFG-TKN-AUD-CLIENT-OSS 7-98 ALTER SUBSYSTEM command token 7-88 ZSFG-TKN-AUD-CLIENT-SERVICE 7-98 ZSFG-TKN-DESC ADD GROUP command 7-33 ZSFG-TKN-GROUPID ADD GROUP command 7-33 INFO USER command 7-164 ZSFG-TKN-MEMBER ADD GROUP command 7-33 ZSFG-TKN-PRIMARY-GROUPID ALTER ALIAS command 7-66 ALTER USER command 7-109 INFO USER command 7-164 ZSFG-TKN-PRIMARY-GROUPNAME ALTER ALIAS command 7-66 ALTER USER command 7-109 ZSFG-TKN-PSWD-COMP-MODE ALTER SUBSYSTEM command 7-99 ZSFG-TKN-PSWD-MAX-LENGTH ALTER SUBSY
Special Characters Index ZSPI-TKN-RETCODE (continued) LISTOBJECTS command 7-167 LISTOBJECTS USER command 7-171 LISTOPENS command 7-174 NEXTFILE command 7-176 RELEASE AUDIT FILE command 7-177 START TERMINAL command 7-179 STATUS ALIAS command 7-182 STATUS PROTECTIONRECORD command 7-184 STATUS SUBSYSTEM command 7-186 STATUS USER command 7-188 STOP command 7-189 SUSPEND ALIAS command 7-191 SUSPEND PROTECTIONRECORD command 7-193 SUSPEND TERMINAL command 7-195 SUSPEND USER command 7-197 ZSPI-TKN-SEL-CONSTANT 6-
