Safeguard Management Programming Manual Abstract This manual describes the Safeguard management programming interface. It is intended for programmers and security administrators. Product Version Safeguard G07, H05 Supported Release Version Updates (RVUs) This manual supports J06.03 and all subsequent J-series RVUs, H06.08 and all subsequent H-series RVUs, and G06.29 and all subsequent G-series RVUs, until otherwise indicated by its replacement publications.
Document History Part Number Product Version Published 422086-022 Safeguard G07, H05 February 2011 422086-024 Safeguard G07, H05 August 2011 422086-025 Safeguard G07, H05 August 2012 422086-026 Safeguard G07, H05 February 2013 422086-027 Safeguard G07, H05 August 2013 422086-028 Safeguard G07, H05 February 2014
Legal Notices © Copyright 2014 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Safeguard Management Programming Manual Glossary Index Figures Tables Legal Notices What’s New in This Manual ix Manual Information ix New and Changed Information ix About This Manual xvii Who Should Read This Manual xvii Organization of This Manual xvii Related Reading xviii Notation Conventions xviii 1. Introduction Objects Controlled by Safeguard 1-1 Safeguard Management Functions 1-1 Safeguard Architecture and Interfaces 1-4 2.
5. SPI Programming Considerations Contents Subjects of Event Messages 4-6 Other Tokens 4-7 Constructs Involving Multiple Tokens 4-8 Components of a Command 4-8 Components of a Response 4-8 Components of an Event Message 4-8 5. SPI Programming Considerations Building the Command Buffer 5-1 Discontinuing a Command in Progress 5-2 Receiving and Decoding the Response Buffer Error Handling 5-3 Security 5-3 5-2 6.
. Commands Contents ALTER EVENT-EXIT-PROCESS (PROC) Command 7-80 ALTER GROUP Command 7-83 ALTER PROTECTIONRECORD Command 7-88 ALTER REMOTEPASSWORD Command 7-94 ALTER SUBSYSTEM Command 7-97 ALTER TERMINAL (LU) Command 7-124 ALTER USER Command 7-127 DELETE ALIAS Command 7-135 DELETE AUDIT POOL Command 7-137 DELETE EVENT-EXIT-PROCESS (PROC) Command 7-139 DELETE PROTECTIONRECORD Command 7-141 DELETE GROUP Command 7-143 DELETE REMOTEPASSWORD Command 7-145 DELETE TERMINAL (LU) Command 7-147 DELETE USER Command
. Event Management Contents SUSPEND TERMINAL (LU) Command SUSPEND USER Command 7-223 7-221 8.
A.
A.
A.
B. Example of Sharing a Binary Description Field Contents Safeguard Errors A-85 B. Example of Sharing a Binary Description Field Glossary Index Figures Figure 2-1. Safeguard Management Programming Interface 2-2 Tables Table i. Table 1-1. Table 2-1. Table 6-1. Table 6-2. Table 6-3. Table 7-1. Table 7-2. Table 7-3. Table 8-1. Table 8-2. Table 8-3. Table 8-4. Table 8-5.
What’s New in This Manual Manual Information Safeguard Management Programming Manual Abstract This manual describes the Safeguard management programming interface. It is intended for programmers and security administrators. Product Version Safeguard G07, H05 Supported Release Version Updates (RVUs) This manual supports J06.03 and all subsequent J-series RVUs, H06.08 and all subsequent H-series RVUs, and G06.29 and all subsequent G-series RVUs, until otherwise indicated by its replacement publications.
What’s New in This Manual • • • Changes to 422086-027 manual Replaced the token name ZCOM-ERR-SEL-CMPR-INV with ZSFG-ERR-SELCMPR-INV in the Error Handling Notes section for the following commands: ° ° ° ° ° ° ° ° ° ° ° ° ACTIVATE ALIAS Command on page 7-3. ACTIVATE USER Command on page 7-9. DELETE ALIAS Command on page 7-135. DELETE USER Command on page 7-149. INFO ALIAS Command on page 7-153. INFO USER Command on page 7-186. LISTOBJECTS ALIAS Command on page 7-194.
What’s New in This Manual Changes to 422086-026 manual Changes to 422086-026 manual • • • • • • • Updated the section ADD EVENT-EXIT-PROCESS (PROC) Command on page 7-28. Updated the section ALTER EVENT-EXIT-PROCESS (PROC) Command on page 7-80. Updated the section INFO EVENT-EXIT-PROCESS (PROC) Command on page 7-161. Added an event messages to the table Safeguard Event Messages on page 8-11. Added the event message ZSFG-EVT-HELPER-LOST-SMP on page 8-87.
What’s New in This Manual Changes to the H06.22/J06.11 manual Changes to the H06.22/J06.11 manual • • • • • • • Updated the Safeguard product version on page -1. Added SAVEDDISKPATTERN object type descriptor on page 4-4. Added description of the following fields: ° ° ZSFG-TKN-PRIVLOGON on page 7-89 ZSFG-TKN-AUDIT-PRIV-LGN on page 7-89 Added the following tokens and their descriptions to the ALTER SUBSYSTEM command: ° ° ° ° ° ° ZSFG-TKN-PSWD-REQ-MIN-UPCASE on pages 7-99 and 7-112.
What’s New in This Manual • • Changes to the 422086-019 Manual Updated the description of the ZSFG-EVT-CONFIG-EXLVAL Safeguard event message on pages 8-12 and 8-79. Added the following Safeguard event messages: ° ° ° ZSFG-EVT-BAD-HELPER-NAME on pages 8-12 and 8-81. ZSFG-EVT-BAD-PSB on pages 8-12 and 8-83. ZSFG-EVT-PSB-UPDATE-COMPLETE on pages 8-13 and 8-85.
What’s New in This Manual ° ° ° ° Changes to the H06.19/J06.08 Manual ZSFG-ERR-GROUP-NUMBER-RESTRICT on page A-80. ZSFG-ERR-GROUP-NAME-RESTRICTED on page A-80. ZSFG-ERR-GROUP-NUMBER-RESERVED on page A-81. ZSFG-ERR-GROUP-MEMBER-RESTRICT on page A-82. Changes to the H06.19/J06.08 Manual • • • • • • • • • • • • • Added SAFECOM WHERE CREATION-TIME selection option on page 6-6. Added a note on special groups on page 7-34.
What’s New in This Manual • • • ° ° Changes to the H06.16/J06.05 Manual ZSFG-TKN-CREATION-TIME on pages 7-165 and 7-166. ZSFG-TKN-CREATOR-NODENUMBER on pages 7-165 and 7-166. Added the following tokens to the display of the INFO SUBSYSTEM command: ° ° ZSFG-TKN-AUD-OSS-FILTER on page 7-180. ZSFG-TKN-AUD-TACL-LOGOFF on page 7-180. Added the following tokens and their descriptions to the INFO USER command: ° ° ° ° ° ZSFG-TKN-CREATOR-NAME on pages 7-188 and 7-190.
What’s New in This Manual Changes to the H06.16/J06.
About This Manual This manual describes the token-oriented programmatic interface for the Safeguard subsystem. This interface is based on the Subsystem Programmatic Interface (SPI). Who Should Read This Manual This manual is intended for: • • TAL, C, Pascal, COBOL, or TACL programmers writing applications that use the programmatic interface to communicate with the Safeguard subsystem. Security administrators and others who need detailed information about Safeguard programmatic commands.
Related Reading About This Manual Table i. Contents of this manual Section Title Contents (continued) 6 Common Definitions Provides standard definitions for SPI, EMS, and data communications. 7 Commands Describes Safeguard programmatic commands and responses. 8 Event Management Describes event messages issued by the Safeguard subsystem. Appendix A Error Numbers and Error Lists Lists the Safeguard error numbers and describes the corresponding error lists.
General Syntax Notation About This Manual This requirement is described under Backup DAM Volumes and Physical Disk Drives on page 3-2. General Syntax Notation This list summarizes the notation conventions for syntax presentation in this manual. UPPERCASE LETTERS. Uppercase letters indicate keywords and reserved words. Type these items exactly as shown. Items not enclosed in brackets are required. For example: MAXATTACH lowercase italic letters.
General Syntax Notation About This Manual braces on each side of the list, or horizontally, enclosed in a pair of braces and separated by vertical lines. For example: LISTOPENS PROCESS { $appl-mgr-name } { $process-name } ALLOWSU { ON | OFF } | Vertical Line. A vertical line separates alternatives in a horizontal list that is enclosed in brackets or braces. For example: INSPECT { OFF | ON | SAVEABEND } … Ellipsis.
Notation for Messages About This Manual !i and !o. In procedure calls, the !i notation follows an input parameter (one that passes data to the called procedure); the !o notation follows an output parameter (one that returns data to the calling program). For example: CALL CHECKRESIZESEGMENT ( segment-id , error ) ; !i !o !i,o. In procedure calls, the !i,o notation follows an input/output parameter (one that both passes data to the called procedure and returns data to the calling program).
Notation for Management Programming Interfaces About This Manual [ ] Brackets. Brackets enclose items that are sometimes, but not always, displayed. For example: Event number = number [ Subject = first-subject-value ] A group of items enclosed in brackets is a list of all possible items that can be displayed, of which one or none might actually be displayed.
Change Bar Notation About This Manual lowercase letters. Words in lowercase letters are words that are part of the notation, including Data Definition Language (DDL) keywords. For example: token-type !r. The !r notation following a token or field name indicates that the token or field is required. For example: ZCOM-TKN-OBJNAME !o. token-type ZSPI-TYP-STRING. !r The !o notation following a token or field name indicates that the token or field is optional.
About This Manual HP Encourages Your Comments Safeguard Management Programming Manual—422086-028 xxiv
1 Introduction This manual describes the token-oriented programmatic interface to the Safeguard software. The Safeguard software is a group of programs that supplements the security features of the operating system. It is a powerful tool that provides a comprehensive security system using authentication, authorization, and auditing: • • • Authentication: Allows you to verify a user name and password when a user requests access to the system.
Safeguard Management Functions Introduction Table 1-1. Safeguard Subsystem Management Commands (page 2 of 3) Command (zcom-cmd- ) Object Type (zcom-obj-) Description (SAFECOM command) add user Adds user authentication records. alias Adds user alias authentication records. group Adds group definition records. prot Adds object protection records. rmtpassw Adds remote passwords. fileset Adds an audit pool. LU Adds a terminal definition. proc Adds an event-exit configuration record.
Safeguard Management Functions Introduction Table 1-1. Safeguard Subsystem Management Commands (page 3 of 3) Command (zcom-cmd- ) Object Type (zcom-obj-) Description (SAFECOM command) info user Retrieves attributes of a user. alias Retrieves attributes of an alias. group Retrieves group definition records prot Retrieves attributes of protection records. rmtpassw Retrieves attributes of remote passwords. subsystem Retrieves attributes of the Safeguard subsystem.
Introduction Safeguard Architecture and Interfaces Safeguard Architecture and Interfaces The Safeguard software consists of a number of processes and security database files. The processes cooperate to manage the contents of the security database, to authenticate users, and to authorize all attempts to access protected objects.
2 Management Programming for the Safeguard Subsystem As the previous section describes, there are interactive and programmatic interfaces to the Safeguard subsystem. In some situations, the programmatic interfaces are preferable to the interactive interfaces: • • It is efficient to transfer as many routine network-management tasks as possible to programs running on the network itself, freeing operators and other networkmanagement personnel to do other work.
Communicating With the Safeguard Subsystem Management Programming for the Safeguard Subsystem 1. Establishing communication with $ZSMP 2. Calling SPI procedures to build the desired message 3. Sending the message 4. Receiving the response to the message 5. Checking for error codes and handling any errors 6. Decoding the response 7. Taking appropriate action and returning to Step 2, if necessary 8.
Management Programming for the Safeguard Subsystem Event Messages Event Messages In addition to sending commands and receiving responses, a management application can obtain notification of events that occur in the Safeguard subsystem. This notification is in the form of event messages issued by the Safeguard subsystem. An event message describes an event such as a hardware or software error or the completion of an operation.
Management Programming for the Safeguard Subsystem Commands That a Management Application Can Issue Safeguard Management Programming Manual—422086-028 2-4
3 Communicating With the Subsystem This section describes how an application communicates with the Safeguard subsystem through the Subsystem Control Point (SCP) or directly with the Safeguard manager process $ZSMP. The Safeguard subsystem does not receive event messages, but it does generate them. Section 8, Event Management, discusses event messages. For more information about the SCP, see the SPI Common Extensions Manual.
Communicating With the Subsystem Definition Files all the SMON processes with a priority of 199. The Safeguard software also creates audit files when they are needed. Note. The Safeguard SPI allows for, but does not require, the use of the Subsystem Control Point (SCP) process as the gateway to the programmatic interface. Thus, Safeguard SPI follows SCP implementation standards and uses the SCP ZCOM enumerated values for commands, object types, and some common errors.
Processes Addressed Communicating With the Subsystem • • The definition file for any other subsystems with which your Safeguard management application communicates. Other definition files used by a particular subsystem if your application needs them. An example of this type of file would be one defining tokens in pass-through error lists if the application examines these error lists.
Communicating With the Subsystem Safeguard Management Programming Manual—422086-028 3-4 Processes Addressed
4 Elements of SPI Messages You can use the Subsystem Programmatic Interface (SPI) for sending commands to and decoding responses from the Safeguard subsystem and for obtaining event messages issued by the Safeguard subsystem (through EMS.) For the procedures used by an application to perform these tasks, see the SPI Programming Manual. For a description of using SPI messages to communicate with the Safeguard subsystem through SCP, see the SPI Common Extensions Manual.
Object Types Elements of SPI Messages The Safeguard subsystem supports the following commands: ACTIVATE GETVERSION RELEASE SWITCH ADD INFO SELECT SUSPEND ALTER LISTOBJECTS STATUS DELETE LISTOPENS STOP For more information about these commands, see Section 7, Commands. Object Types Every header also contains a token ZSPI-TKN-object-type, whose value is set to ZCOM-OBJ-object-type using SSINIT.
Elements of SPI Messages Object Names Users User objects are identified in one of three ways: • • • By their group name.member name By their group number,member number (ASCII character string) By their user ID in integer form. The integer user ID must be prefixed with the special delimiter two byte character string "==". The object name length is four bytes. TAL examples: ! the first word of the object name is the length INT .objectName[ 0:9 ]; ! user object name in the form .
Object Names Elements of SPI Messages • • • • • SUBPROCESS DEVICE SUBDEVICE OBJECTTYPE (used for objecttypes and security groups) SAVEDDISKPATTERN (used for SAVED-DISKFILE-PATTERN objecttype) Some examples of names using the object type descriptor are DEVICE.$TAPE, PROCESS.$NULL, SUBDEVICE.$SNAX.#LU1, and SAVEDDISKPATTERN.$TAPE*.TEST*.*. You can use the object type descriptor with wild-card names. Some examples would be DISKFILE.*, OBJECTTYPE.*, and PROCESS.*.
Object Names Elements of SPI Messages • INFO DISKFILE.*$DATA*.*.T* returns the three diskfiles: DISKFILE.$DATA2.JATER.TEST DISKFILE.$DATA1.JATER.TEST DISKFILE.$DATA.JATER.TEST • INFO DISKFILE-PATTERN.$DATA.JATE?.T* returns the diskfile pattern $DATA.JATE?.T*. • INFO DISKFILE-PATTERN.*$DATA*.J*.T* (with the ZCOM-TKN-SUB token specified to ZCOM-VAL-SUB-ALL) returns the three diskfile patterns: $DATA2.J*.T* $DATA1.JA???.TEST $DATA.JATE?.
Elements of SPI Messages • • • Event Numbers Wild cards can be used in names in all commands except ADD commands. An exception is ADD commands for diskfile patterns must contain at least one wildcard character in either the subvolume or filename element of the filename, but the characters will be treated as exact characters, not search characters. The ZCOM-TKN-SUB must be used to indicate wild cards in a diskfile-pattern filename are to be treated as search characters.
Elements of SPI Messages Other Tokens Other Tokens The Safeguard subsystem uses other tokens as command parameters, results in responses, and elements of event messages and error lists. Simple Tokens Simple tokens—tokens whose values are single fields or fixed structures—are identified by token codes. The token codes for the simple tokens used by the Safeguard subsystem are represented by symbolic names in the form ZSFG-TKNname, where name identifies the token code.
Elements of SPI Messages Constructs Involving Multiple Tokens Field Types All the field types used by the Safeguard subsystem are SPI standard field types, represented by symbolic names in the form ZSPI-DDL-name, where name identifies the field type. For example, the field type ZSPI-DDL-BOOLEAN represents the Boolean data type. Throughout this manual, when a field is described, its field type is given.
5 SPI Programming Considerations The SPI Common Extensions Manual discusses general programming considerations for writing applications that use the Subsystem Programmatic Interface (SPI) to communicate with subsystems like the Safeguard subsystem. This section discusses SPI programming considerations specific to the Safeguard subsystem. Building the Command Buffer These programming considerations apply when an application builds the command buffer for a Safeguard command.
SPI Programming Considerations • • • • • Discontinuing a Command in Progress ZSFG-MAP-REMOVE-OWNERS ZSFG-MAP-OWNERLIST ZSFG-TKN-AUDITFILENUMBER ZSFG-TKN-MEMBERNAME ZSFG-TKN-REMOVE-MEMBERNAME If any of the other tokens in a command appear more than once, the Safeguard subsystem returns the error ZCOM-ERR-TKN-DUP. Discontinuing a Command in Progress For a discussion of general programming considerations for discontinuing a command in progress, see the SPI Common Extensions Manual.
SPI Programming Considerations Error Handling no value is specified for this token, the Safeguard subsystem returns a response record for every object. Note. For commands such as the INFO command, whose purpose is to return information, using ZSPI-TKN-RESPONSE-TYPE to request the return only of those response records for objects for which errors or warnings occurred can result in no information being returned.
SPI Programming Considerations Safeguard Management Programming Manual—422086-028 5-4 Security
6 Common Definitions This section introduces the definitions that apply to the multiple commands, responses, and event messages you can use in a management application that communicates with the Safeguard subsystem: • • • • SPI standard definitions EMS standard definitions Data communications standard definitions Safeguard specific standard definitions The SPI standard definitions and Safeguard definitions are the sources of definitions for tokens used in the programmatic interface to the Safeguard sub
SPI Standard Definitions Common Definitions Table 6-1.
EMS Standard Definitions Common Definitions Table 6-1. SPI Standard Definitions (page 2 of 2) ZSPI-TYP-TIMESTAMP ZSPI-TYP-UINT Value Names ZSPI-VAL-TRUE ZSPI-VAL-FALSE ZSPI-VAL-TANDEM ZSPI-VAL-ZSFG For more information about all the SPI standard definitions, see the SPI Programming Manual. EMS Standard Definitions Definitions whose names begin with ZEMS- are Event Management Service (EMS) standard definitions.
Data Communications Standard Definitions Common Definitions For more information about all the EMS standard definitions, see the EMS Manual. For information about EMS standard definitions specific to the Safeguard subsystem, see Section 8, Event Management. Data Communications Standard Definitions Definition names beginning with ZCOM- are data communications standard definitions.
Common Definitions Data Communications Standard Definitions Table 6-3. Data Communications Standard Definitions (page 2 of 2) ZCOM-CMD-LISTOBJECTS ZCOM-CMD-GETVERSION ZCOM-CMD-SWITCH ZCOM-CMD-RELEASE Table 6-3 does not list data communications error numbers or definitions used only in error lists. For a description of all data communications standard definitions and error numbers, refer to the SPI Common Extensions Manual.
Safeguard-Specific Standard Definitions Common Definitions Safeguard-Specific Standard Definitions Definition names beginning with ZSFG- are Safeguard definitions. These definitions consist of simple tokens and extensible structured tokens used in Safeguard commands and responses. These definitions are available to all Safeguard management applications and are located in the ZSPIDEF.ZSFGDDL definition files. For more information, see Definition Files on page 3-2.
SAFECOM WHERE GROUP selection options Common Definitions comparisons logically using the AND and OR logical operators specified in the expression. SAFECOM WHERE GROUP selection options For SPI programming, the SAFECOM WHERE GROUP and WHERE PRIMARYGROUP selection options are implemented as follows: You can use these tokens in the command buffer of any USER or ALIAS command (except ADD) to select users or aliases based on group or primary group membership.
SAFECOM WHERE GROUP selection options Common Definitions 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end. type type type type type type type ZSPI-TYP-TOKENCODE ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TKN-SEL-OPERAND is an optional token used with ZSPI-TKN-SEL-EXPRESSION and ZSPI-TKN-SELCONSTANT to specify a selection expression. ZSPI-TKN-SEL-OPERAND defines an operand to be used in the expression.
SAFECOM WHERE GROUP selection options Common Definitions • • The first two bytes contain the length of the constant value that follows. This length is always four because the only valid constant in this context is a group number, which is represented in four bytes. The next four bytes contain the group number represented as a binary number.
SAFECOM WHERE GROUP selection options Common Definitions EXAMPLE 1: WHERE GROUP-ID = 252 Operand Array Index (1) ZSPI-TKN-SEL-OPERAND ZTKNCODE = ZSFG-TKN-GROUPID ZINDEX = 1 (2) ZSPI-TKN-SEL-OPERAND ZTKNCODE = ZPSI-TKN-SEL-CONSTANT ZINDEX = 1 Constant Array Index (1) ZSPI-TKN-SEL-CONSTANT ZVALUE = 252 ZSPI-TKN-SEL-EXPRESSION: 2 1 EQUAL-ANY EXAMPLE 2: WHERE GROUP-ID = 300 OR GROUP-ID = 364 Operand Array Index (1) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZSFG-TKN-GROUPID ZINDEX = 1 (2) ZSPI-TKN-SE
SAFECOM WHERE GROUP selection options Common Definitions EXAMPLE 3: WHERE (GROUP-ID = 300 AND GROUP-ID = 364) & OR PRIMARY-GROUP-ID =252 Operand Array Index (1) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZSFG-TKN-GROUPID ZINDEX = 1 (2) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZSFG-TKN-PRIMARYGROUPID ZINDEX = 1 (3) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZPSI-TKN-SEL-CONSTANT INDEX = 1 (4) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZPSI-TKN-SEL-CONSTANT ZINDEX = 2 (5) ZSPI-TKN-SEL-OPERAND ZTOKENCODE = ZPSI-TKN-SEL-CONSTANT
Common Definitions SAFECOM WHERE GROUP selection options Safeguard Management Programming Manual—422086-028 6-12
7 Commands This section describes the syntax and semantics for all commands and responses in the programmatic control-and-inquiry interface.
Command Descriptions Commands Note. The Safeguard subsystem does not differentiate between sensitive and nonsensitive commands. Table 7-2 lists all the commands available in the programmatic control-and-inquiry interface to the Safeguard subsystem. This table also indicates the commands accepted by each object. Command Null Subsystem User Alias Group Protection Record Remote Password Audit Pool (Fileset) Event Exit (Process) Terminal (LU) Table 7-2.
ACTIVATE ALIAS Command Commands Each required field of an extensible structured token must have a value other than its null value. Optional fields can have a value other than the field's null value, but it is not required. ACTIVATE ALIAS Command The ACTIVATE ALIAS command thaws a user alias authentication record.
ACTIVATE ALIAS Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ACTIVATE ALIAS command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ACTIVATE PROTECTIONRECORD Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is invalid. The error list identifies the invalid subsystem ID. ZSFG-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. ACTIVATE PROTECTIONRECORD Command The ACTIVATE PROTECTIONRECORD command thaws object protection records.
ACTIVATE PROTECTIONRECORD Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the ACTIVATE PROTECTION command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs while accessing the $volume.SAFE.GUARD file, accessing the $SYSTEM.SAFE.
ACTIVATE TERMINAL (LU) Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZSFG-ERR-PAT-MISSING-ALL is returned if the ZCOM-TKN-SUB token value is not ZCOM-VAL-SUB-ALL for a diskfile-pattern protection record ALTER, DELETE, SUSPEND(FREEZE), INFO, LISTOBJECTS, or ACTIVATE(THAW) command that contains a wildcard in the pattern-spec volume name.
ACTIVATE TERMINAL (LU) Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ACTIVATE TERMINAL command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ACTIVATE USER Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is invalid. The error list identifies the invalid subsystem ID. ACTIVATE USER Command The ACTIVATE USER command thaws user authentication records.
ACTIVATE USER Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ACTIVATE USER command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ADD ALIAS Command Commands ZSFG-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. ADD ALIAS Command The ADD ALIAS command adds a user alias (logical user) authentication record to the Safeguard database.
ADD ALIAS Command Commands ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
ADD ALIAS Command Commands end ZSFG-TKN-PSWD-EXPIRY-GRACE ZSFG-TKN-CI-XFNAME ZSFG-TKN-CI-LIB-XFNAME ZSFG-TKN-CI-NAME ZSFG-TKN-CI-PCPU ZSFG-TKN-CI-SWAP ZSFG-TKN-CI-PRI ZSFG-TKN-CI-PARAM-TEXT token-type token-type token-type token-type token-type token-type token-type token-type ZSPI-TYP-INT ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-CHAR6 ZSPI-TYP-INT ZSPI-TYP-STRING ZSPI-TYP-INT ZSPI-TYP-STRING ZSFG-TKN-INIT-DIR ZSFG-TKN-INIT-PROGNAME ZSFG-TKN-INIT-PROGTYPE ZSFG-TKN-DESC-TEXT ZSFG-TKN-DESC-BIN token-typ
ADD ALIAS Command Commands NAME, ZSFG-TKN-DESC-TEXT, and ZSFG-TKN-DESC-BIN. The ZSFG-TKNLIKE-OBJNAME token is interpreted and applied prior to any other token. Any other tokens specified in the ADD command override the LIKE object. ZSFG-MAP-USERID is a required structured token that specifies the user ID to be associated with the alias record being added. It contains the following fields: ZGROUPNUM the group number portion of the user ID. ZUSERNUM the member number portion of the user ID.
ADD ALIAS Command Commands ZSFG-VAL-TYPEID-REMOTEANYONE ZSFG-VAL-TYPEID-NODESPECIFIC ZSFG-VAL-TYPEID-NODEGROUP ZSFG-VAL-TYPEID-NODEANYONE ZGROUPNUM is the group number portion of the owner ID. ZUSERNUM is the member number portion of the owner ID. ZNODENUM is the Expand node number portion of the owner ID. ZSFG-TKN-PASSWORD is an optional token that specifies 8 characters password of the alias being added. The default password is null, or no password.
ADD ALIAS Command Commands ZSFG-VAL-FILESECURE-NET-GROUP ZSFG-VAL-FILESECURE-NET-USER ZSFG-VAL-FILESECURE-LOCAL-SUPER ZSFG-TKN-USER-EXPIRES is an optional token that establishes a date and time after which the alias can no longer log on to the system. The default expiration date is null, or no expiration date. ZSFG-TKN-PSWD-EXPIRES is an optional token that establishes a date and time after which the password for this alias expires. The default expiration date is null, or no expiration date.
ADD ALIAS Command Commands ZSFG-TKN-AUDIT-AUTHEN-FAIL is an optional token that specifies the audit action taken for unsuccessful authentication attempts. This field must contain one of these values. ZSFG-VAL-AUDIT-ALL All unsuccessful attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Not meaningful; remote authentication is not supported. ZSFG-VAL-AUDIT-NONE Unsuccessful attempts are not audited.
ADD ALIAS Command Commands ZSFG-TKN-AUDIT-MANAGE-FAIL is an optional token that specifies the audit action taken for unsuccessful attempts to manage (update or view) the alias authentication record. ZSFG-TKN-AUDIT-MANAGE-FAIL must contain one of these values: ZSFG-VAL-AUDIT-ALL All unsuccessful management attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful management attempts from the local system are audited.
ADD ALIAS Command Commands ZSFG-VAL-AUDIT-ALL All unsuccessful attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Only unsuccessful attempts from a remote system are audited. ZSFG-VAL-AUDIT-NONE Unsuccessful are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-DEFAULT-FROZEN is an optional Boolean token that specifies a default state (frozen or thawed) applied for any files created by the alias.
ADD ALIAS Command Commands ZSFG-TKN-CI-XFNAME is an optional token that specifies the name of the Command Interpreter (CI) that is to be started once the alias is authenticated at a Safeguard terminal. ZSFG-TKN-CI-LIB-XFNAME is an optional token that specifies the library (if any) associated with the aforementioned CI. ZSFG-TKN-CI-PCPU is an optional token that specifies the primary CPU where the CI is to be started. ZSFG-TKN-CI-NAME is an optional token that specifies the CI's process name.
ADD ALIAS Command Commands ZSFG-VAL-PROGTYPE-SERV The initial program type is SERVICE. ZSFG-VAL-PROGTYPE-WIN The initial program type is WINDOW. ZSFG-TKN-DESC-TEXT is an optional token that specifies a text string to be associated with the alias record. The text must consist of printable characters. This token is provided for documentation purposes only and has no affect on the alias. The default is no descriptive text. The maximum length of the string is 2047 characters.
ADD ALIAS Command Commands ZCOM-ERR-OBJNAME-INV is returned if the specified alias name ZCOM-TKN-OBJNAME is invalid. ZSFG-ERR-ALIASGUARDIANID is returned if the underlying user ID does not exist. ZSFG-ERR-ALIASGUARDNAME is returned if the specified alias name (unshifted or case-insensitive) matches an existing user name. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to execute the ADD ALIAS command.
ADD ALIAS Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version, and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-MAX-ACL-EXCEEDED is returned when the number of DEFAULT-SECURITY tokens exceeds the maximum allowed by the current product version of the Safeguard software.
ADD ALIAS Command Commands ZSFG-ERR-PSWD-TOO-SHORT is returned when the specified password is shorter than PASSWORDMINIMUM-LENGTH. ZSFG-ERR-PSWD-LONG is returned when the specified password is longer than PASSWORDMAXIMUM-LENGTH. ZSFG-ERR-PSWD-TOO-SOON is returned when the specified password is changed before the allowed time period. ZSFG-ERR-PSWD-INVALID-PASS is returned when the specified password is invalid. ZSFG-ERR-PSWD-EMBEDDED-SPACE is returned when the specified password contains spaces.
ADD AUDIT POOL (FILESET) Command Commands ADD AUDIT POOL (FILESET) Command The ADD AUDIT POOL command defines (adds) a new audit pool and optionally specifies disk allocation attributes that govern the number and size of audit files that can reside in the audit pool. These attributes can either be explicitly specified, or copied in their entirety from an existing audit pool. The ADD AUDIT POOL command fully allocates all of the files (MAXFILES) of the pool.
ADD AUDIT POOL (FILESET) Command Commands ZSFG-TKN-PRIMARYEXTENT is an optional token that specifies the primary extent size, in 2048-byte pages, of the audit files that will be created in this audit pool. ZSFG-TKN-SECONDARYEXTENT is an optional token that specifies the secondary extent size, in 2048-byte pages, of the audit files that will be created in this audit pool.
ADD AUDIT POOL (FILESET) Command Commands ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the ADD AUDIT POOL command. For the rules for who can manage audit pool security, see the Safeguard Reference Manual. ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version, and the command contains unknown tokens, or a field in a structured token is greater than the subsystem version.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ADD EVENT-EXIT-PROCESS (PROC) Command The ADD EVENT-EXIT-PROCESS command defines (adds) a configuration record for an event-exit process and optionally enables the event exit.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ZSFG-TKN-ENABLED is an optional token that specifies whether the event exit is to be started. The default is FALSE. If ZSFG-TKN-ENABLED is set to TRUE, ZSFG-TKN-PROGFNAME must contain the name of the object file to be run. ZSFG-TKN-RESPONSE-TIMEOUT is an optional token that specifies the number of seconds, from 1 to 900, that the Safeguard software is to wait for the event-exit process to respond to an event. The default value is five seconds.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ZSFG-TKN-SWAP-FNAME is an optional token that specifies the swap volume to be used with the event-exit process. The default is the same volume that contains the object program file for the event-exit process. ZSFG-TKN-CPUNO is an optional token that specifies the primary CPU in which the event-exit process is to be started. The default is any CPU. ZSFG-TKN-PRI is an optional token that specifies the priority at which the event exit process is to run.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version, and the command contains unknown tokens, or when a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
ADD EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid value. ZCOM-ERR-TKN-REQ is returned when a required token is missing. ZSFG-ERR-CANT-START-PROCESS is returned when the event-exit process cannot be started because of a failure from Processs_Create_. ZSFG-ERR-MAX-PROC-EXCEEDED is returned if more than one event-exit process configuration record is specified.
ADD GROUP Command Commands ADD GROUP Command The ADD GROUP command adds a group definition record to the Safeguard database. Command ZCOM-CMD-ADD Object Type ZCOM-OBJ-GROUP Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSFG-MAP-OWNERID def ZSFG-DDL-OWNERID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM end.
ADD GROUP Command Commands Command-Specific Tokens in the Command Buffer Unless otherwise stated, multiple occurrences of these tokens are not allowed. ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT are common standard tokens documented in the SPI Programming Manual. ZCOM-TKN-OBJNAME is a required token that contains the group name of the new group to be added.
ADD GROUP Command Commands ZSFG-TKN-DESC is an optional token that contains a text description of the group, up to 255 characters. ZSFG-TKN-MEMBERNAME is an optional token that contains a user name or user alias to be added to the group. ZSFG-MAP-OWNER-LIST is an optional structured token that specifies the secondary owners of the group. It contains the following fields: ZTYPEID specifies the type of user ID defined by ZGROUPNUM and ZUSERNUM.
ADD GROUP Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ADD GROUP command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. For the ADD GROUP command, an error list containing a warning can be returned even when ZSPI-TKN-RETCODE has the value ZCOM-ERR-OK.
ADD GROUP Command Commands ZSFG-ERR-NO-MEMBER-UPDATE is returned if an attempt to update the group list for the all group members fails. This is a warning that the command was only partially successful. ZSFG-ERR-GROUP-SECVIOL is returned if an internal error occurs while attempting to update a member's group list. ZSFG-ERR-GROUP-ID-NOTFOUND is returned if an internal error occurs while attempting to update a member's group list.
ADD PROTECTIONRECORD Command Commands ADD PROTECTIONRECORD Command This command adds an object protection record to the Safeguard database.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-PROCESS-ACCESS ZSFG-MAP-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-TYPE specifies the type of protection record. This field must contain one of these values: ZSFG-VAL-TYPE-VOLUME ZSFG-VAL-TYPE-SUBVOLUME ZSFG-VAL-TYPE-DISKFILE ZSFG-VAL-TYPE-PAT-DISKFILE ZSFG-VAL-TYPE-DEVICE ZSFG-VAL-TYPE-SUBDEVICE ZSFG-VAL-TYPE-PROCESS ZSFG-VAL-TYPE-SUBPROCESS ZSFG-VAL-TYPE-OBJECTTYPE ZSFG-VAL-TYPE-OBJECTTYPE is used for both OBJECTTYPE records and security group records.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-PERSIST is an optional token that is valid only for ZSFG-VAL-TYPE-DISKFILE. This token specifies the persistence attribute of a protection record that allows the protection record to persist even though the file is purged. The default value is FALSE. ZSFG-TKN-PROGID is an optional token that is valid only for ZSFG-VAL-TYPE-DISKFILE. This token specifies the PROGID attribute of a program object file. The default value is FALSE.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-AUDIT-MANAGE-PASS is an optional token that specifies the audit action taken for successful attempts to manage (update or view) a protection record. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL All successful management attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only successful management attempts from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Only successful management attempts from a remote system are audited.
ADD PROTECTIONRECORD Command Commands ZSFG-VAL-TYPEID-REMOTEANYONE ZSFG-VAL-TYPEID-NODESPECIFIC ZSFG-VAL-TYPEID-NODEGROUP ZSFG-VAL-TYPEID-NODEANYONE • • • • • • • • • ZGROUPNUM specifies the group number of users who are granted or denied access to the object. ZUSERNUM specifies the member number of users who are granted or denied access to the object. ZREAD specifies read access authority. ZWRITE specifies write access authority. ZEXECUTE specifies execute authority.
ADD PROTECTIONRECORD Command Commands ZSFG-TKN-DESC is an optional token that specifies a text string to be associated with the protection record. The text must consist of printable characters. The default value is no descriptive text. The maximum length of the string is 255 characters. Tokens in Response Buffer For a description of the tokens present in the response buffer for the ADD PROTECTIONRECORD command, see Section 6, Common Definitions.
ADD PROTECTIONRECORD Command Commands ZCOM-ERR-SPI-ERR is returned if one of the procedures (for example, SSGETTKN) returned an error. The SPI error list defines the procedure in error, the error status, and the token involved. ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token.
ADD PROTECTIONRECORD Command Commands ZSFG-ERR-MAX-ACL-EXCEEDED is returned when the number of ZSFG-MAP-ACCESS tokens exceeds the maximum allowed by the current product version of the Safeguard software. The error list token ZSFG-TKN-MAX-ACES defines the currently supported maximum access control entries (ACEs). ZSFG-ERR-ORPHANED-ACL is returned when the ACL is configured so that no owner has the authority to modify it. ZSFG-ERR-VOL-NONEXISTENT is returned when a specified volume does not exist.
ADD REMOTEPASSWORD Command Commands ADD REMOTEPASSWORD Command The ADD REMOTEPASSWORD command adds a remote password for a specified user to the Safeguard database.
ADD REMOTEPASSWORD Command Commands ALIAS:KEVINB\FOXII. ZSFG-TKN-REMOTEPASSWORD is a required token that specifies the remote password being added. Tokens in Response Buffer For a description of the tokens present in the response buffer for the ADD REMOTEPASSWORD command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ADD REMOTEPASSWORD Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-TKN-DUP is returned if the same token is erroneously specified more than once in the request buffer. The error list identifies the duplicate token.
ADD TERMINAL (LU) Command Commands ADD TERMINAL (LU) Command The ADD TERMINAL (LU) command adds a terminal definition to the Safeguard database.
ADD TERMINAL (LU) Command Commands ZSFG-TKN-CI-LIB-XFNAME is an optional token that specifies the library (if any) associated with the aforementioned CI. ZSFG-TKN-CI-PCPU is an optional token that specifies the primary CPU where the CI is to be started. ZSFG-TKN-CI-NAME is an optional token that specifies the CI's process name. ZSFG-TKN-CI-SWAP is an optional token that specifies the CI's SWAP volume. ZSFG-TKN-CI-PRI is an optional token that specifies the CI's priority.
ADD TERMINAL (LU) Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version, and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
ADD TERMINAL (LU) Command Commands ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid value. ZCOM-ERR-TKN-REQ is returned when a required token is missing. ZSFG-ERR-MAX-LUS-DEFINED is returned when the maximum number of terminals is already defined.
ADD USER Command Commands ADD USER Command The ADD USER command adds a user-authentication record to the Safeguard database. Command ZCOM-CMD-ADD Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSFG-TKN-LIKE-OBJNAME token-type token-type token-type token-type token-type token-type token-type ZSFG-MAP-USERID def ZSFG-DDL-USERID 02 ZGROUPNUM 02 ZUSERNUM end.
ADD USER Command Commands ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
ADD USER Command Commands ZSFG-TKN-PSWD-EXPIRY-GRACE token-type ZSPI-TYP-INT--> ZSFG-TKN-CI-XFNAME token-type ZSPI-TYP-STRING ZSFG-TKN-CI-LIB-XFNAME token-type ZSPI-TYP-STRING ZSFG-TKN-CI-NAME token-type ZSPI-TYP-CHAR6 ZSFG-TKN-CI-PCPU token-type ZSPI-TYP-INT ZSFG-TKN-CI-SWAP token-type ZSPI-TYP-STRING ZSFG-TKN-CI-PRI token-type ZSPI-TYP-INT ZSFG-TKN-CI-PARAM-TEXT token-type ZSPI-TYP-STRING ZSFG-TKN-INIT-DIR token-type ZSPI-TYP-STRING ZSFG-TKN-INIT-PROGNAME token-type ZSPI-TYP-STRING ZSFG-TKN-INIT-PROGTYP
ADD USER Command Commands other token. Any other tokens specified in the ADD command override the LIKE object. ZSFG-MAP-USERID is a required structured token that specifies the user ID of the user record being added. It contains these fields: ZGROUPNUM is the group number portion of the user ID. ZUSERNUM is the member number portion of the user ID. ZSFG-MAP-OWNERID is an optional structured token that specifies the primary owner of the user record being added.
ADD USER Command Commands ZSFG-VAL-TYPEID-NODEGROUP ZSFG-VAL-TYPEID-NODEANYONE ZGROUPNUM is the group number portion of the owner ID. ZUSERNUM is the member number portion of the owner ID. ZNODENUM is the Expand node number portion of the owner ID. ZSFG-TKN-PASSWORD is an optional token that specifies 8 characters password of the user being added. The default password is null, or no password. ZSFG-TKN-PASSWORD64 is an optional token that specifies 64 characters password of the alias being added.
ADD USER Command Commands ZSFG-VAL-FILESECURE-NET-USER ZSFG-VAL-FILESECURE-LOCAL-SUPER The default is ZSFG-VAL-FILESECURE-OWNER for each kind of access. ZSFG-TKN-USER-EXPIRES is an optional token that establishes a date and time after which the user can no longer log on to the system. The default expiration date is null, or no expiration date. ZSFG-TKN-PSWD-EXPIRES is an optional token that establishes a date and time after which the password for this user expires.
ADD USER Command Commands ZSFG-TKN-AUDIT-ACCESS-PASS is the same as ZSFG-TKN-AUDIT-AUTHEN-PASS. If you supply both tokens, ZSFG-TKN-AUDIT-AUTHEN-PASS takes precedence. ZSFG-TKN-AUDIT-AUTHEN-FAIL is an optional token that specifies the audit action taken for unsuccessful authentication attempts. This field must contain one of these values. ZSFG-VAL-AUDIT-ALL All unsuccessful attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful attempts from the local system are audited.
ADD USER Command Commands The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-AUDIT-MANAGE-FAIL is an optional token that specifies the audit action taken for unsuccessful attempts to manage (update or view) the user authentication record. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL All unsuccessful management attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful management attempts from the local system are audited.
ADD USER Command Commands ZSFG-VAL-AUDIT-ALL All unsuccessful operations are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful operations from the local system are audited. ZSFG-VAL-AUDIT-REMOTE Only unsuccessful operations from a remote system are audited. ZSFG-VAL-AUDIT-NONE Unsuccessful operations are not audited. The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-DEFAULT-FROZEN is an optional Boolean token that specifies a default state (frozen or thawed) that is applied for any files created by the user.
ADD USER Command Commands ZSFG-TKN-CI-XFNAME is an optional token that specifies the name of the Command Interpreter (CI) that is to be started once the user is authenticated at a Safeguard terminal. ZSFG-TKN-CI-LIB-XFNAME is an optional token that specifies the library (if any) associated with the aforementioned CI. ZSFG-TKN-CI-PCPU is an optional token that specifies the primary CPU where the CI is to be started. ZSFG-TKN-CI-NAME is an optional token that specifies the CI's process name.
ADD USER Command Commands ZSFG-VAL-PROGTYPE-SERV The initial program type is SERVICE. ZSFG-VAL-PROGTYPE-WIN The initial program type is WINDOW. ZSFG-TKN-DESC-TEXT is an optional token that specifies a text string to be associated with the user authentication record. The text must consist of printable characters. This token is provided for documentation purposes and has no effect on the record. The default is no descriptive text. The maximum length of the string is 2048 characters.
ADD USER Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the ADD request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-ALRDY-DEF is returned if the specified user name ZCOM-TKN-OBJNAME has already been defined. ZCOM-ERR-OBJNAME-INV is returned if the specified user name ZCOM-TKN-OBJNAME is invalid.
ADD USER Command Commands ZCOM-ERR-TKN-REQ is returned when a required token is missing. The ZSFG-MAP-USERID mapped token is the only required token in an ADD USER command. ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version, and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version.
ADD USER Command Commands ZSFG-ERR-GUARDALIASNAME is returned when the specified user name matches an existing alias name. ZSFG-ERR-OWNER-LIST-INV-OWNER Note. The ZSFG-ERR-OWNER-LIST-INV-OWNER command is supported only on systems running H06.07 and later H-series RVUs and G06.27 and later G-series RVUs. is returned when a user specified by the ZSFG-MAP-OWNER-LIST token does not exist. ZSFG-ERR-USERID-EXISTS is returned when the specified user ID already exists.
ADD USER Command Commands ZSFG-ERR-DESC-TEXTDATA-INVALID is returned if a text description was specified that contained nonprintable characters. The printable characters are: • • • • • Lowercase letters a through z Uppercase letters A through Z Digits 0 through 9 Special characters { } ! @ # $ % ^ & * ( ) - _ + = { } ~ ‘ : ; ? / > . < , .
ALTER ALIAS Command Commands ALTER ALIAS Command The ALTER ALIAS command alters a user alias authentication record.
ALTER ALIAS Command Commands ZSFG-MAP-OWNER-LIST def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end. type ZSPI-TYP-MAP ZSFG-MAP-REMOVE-OWNERS def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end.
ALTER ALIAS Command Commands ZSFG-TKN-DF-AUDIT-ACCESS-PASS ZSFG-TKN-DF-AUDIT-ACCESS-FAIL ZSFG-TKN-DF-AUDIT-MANAGE-PASS ZSFG-TKN-DF-AUDIT-MANAGE-FAIL MAP-DEFAULT-ACCESS type def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZNODENUM end.
ALTER ALIAS Command Commands ZSFG-TKN-RESET-BIN-DESC ZSFG-TKN-RESET-STATIC-FAILLOG1 token-type ZSPI-TYP-BOOLEAN token-type ZSPI-TYP-BOOLEAN Tokens in Response Buffer ZSPI-TKN-DATALIST ZSPI-TKN-RETCODE ZCOM-TKN-OBJTYPE ZCOM-TKN-OBJNAME ZSPI-TKN-ERRLIST ZSPI-TKN-ENDLIST ZSPI-TKN-ENDLIST token-type ZSPI-TYP-LIST token-type ZSPI-TYP-ENUM token-type ZSPI-TYP-ENUM token-type ZSPI-TYP-STRING token-type ZSPI-TYP-LIST token-type ZSPI-TYP-SSCTL token-type ZSPI-TYP-SSCTL * Supported only on systems running H06.
ALTER ALIAS Command Commands ZSFG-TKN-RESET-TEXT-DESC is an optional token that resets the text description field associated with the alias record to a zero length and null value. The default is FALSE. ZSFG-TKN-RESET-BIN-DESC is an optional token that resets the binary description field associated with the alias record to a zero length and null value. The default is FALSE. ZSFG-TKN-RESET-STATIC-FAILLOG is a token that resets the STATIC FAILED LOGON COUNT associated with the alias to zero.
ALTER ALIAS Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the ALTER ALIAS command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
ALTER ALIAS Command Commands ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token is found. The error list identifies the invalid token. This token is returned if the request contained both PRIMARY-GROUPNAME and PRIMARY-GROUPID tokens. ZCOM-ERR-TKN-CNTXT-CODE-INV is returned when the command buffer contains more than one of these three tokens: ZSFG-TKN-PRIMARY-GROUPNAME, ZSFG-TKN-PRIMARYGROUPID, and ZSFG-TKN-RESET-PRIMARY-GROUP.
ALTER ALIAS Command Commands is returned if an invalid selection expression is specified. ZSFG-ERR-PSWD-QUAL-REJECT is returned when the event-exit process rejects the specified password. ZSFG-ERR-PSWD-QUAL-DENIED is returned when the event-exit process cannot rule on the specified password. ZSFG-ERR-PSWD-TOO-SHORT is returned when the specified password is shorter than PASSWORDMINIMUM-LENGTH. ZSFG-ERR-PSWD-LONG is returned when the specified password is longer than PASSWORDMAXIMUM-LENGTH.
ALTER ALIAS Command Commands ZSFG-ERR-OWNER-LIST-INV-OWNER Note. The ZSFG-ERR-OWNER-LIST-INV-OWNER command is supported only on systems running H06.07 and later H-series RVUs and G06.27 and later G-series RVUs. is returned when the alias name already exists as a user name. ZSFG-ERR-DESC-TEXTDATA-INVALID is returned if a text description was specified that contained nonprintable characters.
ALTER AUDIT POOL Command Commands ALTER AUDIT POOL Command The ALTER AUDIT POOL command alters the parameters that control disk space allocation in an existing audit pool.
ALTER AUDIT POOL Command Commands Tokens in Response Buffer For a description of the tokens present in the response buffer for the ALTER AUDIT POOL command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
ALTER EVENT-EXIT-PROCESS (PROC) Command Commands ALTER EVENT-EXIT-PROCESS (PROC) Command The ALTER EVENT-EXIT-PROCESS command alters a configuration record for an event-exit process.
ALTER EVENT-EXIT-PROCESS (PROC) Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), a warning, or an error. These errors can occur in response to the ADD EVENT-EXIT-PROCESS command: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to execute the ALTER EVENT-EXIT-PROCESS command.
ALTER EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-TKN-DUP is returned if the same token is specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid length.
ALTER GROUP Command Commands ALTER GROUP Command The ALTER GROUP command alters a group definition record.
ALTER GROUP Command Commands * Supported only on systems running H06.25 and later H-series RVUs and J06.14 and later J-series RVUs. Command-Specific Tokens in the Command Buffer See the token descriptions under the ADD GROUP command. ZCOM-TKN-OBJNAME is a required token that specifies the groups to alter. If the object name begins with a pound-sign (#), the remainder of the string is assumed to be a group number expressed as a decimal ASCII string.
ALTER GROUP Command Commands ZSFG-VAL-TYPEID-LOCALSPECIFIC ZSFG-VAL-TYPEID-REMOTESPECIFIC ZSFG-VAL-TYPEID-LOCALGROUP ZSFG-VAL-TYPEID-REMOTEGROUP ZSFG-VAL-TYPEID-LOCALANYONE ZSFG-VAL-TYPEID-REMOTEANYONE ZSFG-VAL-TYPEID-NODESPECIFIC ZSFG-VAL-TYPEID-NODEGROUP ZSFG-VAL-TYPEID-NODEANYONE ZGROUPNUM is the group number portion of the owner ID. ZUSERNUM is the member number portion of the owner ID. ZNODENUM is the expand node number portion of the owner ID. Note.
ALTER GROUP Command Commands ZCOM-ERR-OBJNAME-INV is returned if the specified group name (ZCOM-TKN-OBJNAME) is invalid or the group number is out of range. ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. For example, the group number is out of range, or the member name does not specify an existing user. ZCOM-ERR-TKN-REQ is returned when a required token is missing. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified group ZCOM-TKN-OBJNAME does not exist.
ALTER GROUP Command Commands ZSFG-ERR-MAX-OWN-EXCEEDED Note. The ZSFG-ERR-MAX-OWN-EXCEEDED command is supported only on systems running J06.14 and later J-series RVUs and H06.25 and later H-series RVUs. is returned if the number of ZSFG-MAP-OWNER-LIST token exceeds the maximum owners allowed by Safeguard. The error list token ZSFG-TKNMAXOWNENTRIES defines the currently supported maximum owners in an OWNER-LIST.
ALTER PROTECTIONRECORD Command Commands ALTER PROTECTIONRECORD Command The ALTER PROTECTIONRECORD command alters an object protection record.
ALTER PROTECTIONRECORD Command Commands 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end. ZSFG-MAP-REMOVE-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
ALTER PROTECTIONRECORD Command Commands ZSFG-MAP-REMOVE-ACCESS is an optional token that specifies the removal of an ACL entry. Multiple occurrences of this token are allowed. It contains these fields: ZTYPEID specifies the type of user ID defined at ZGROUPNUM and ZUSERNUM.
ALTER PROTECTIONRECORD Command Commands ZSFG-TKN-TRUST is an optional token that is valid only for ZSFG-VAL-TYPE-DISKFILE. This token specifies the TRUST attribute setting of a program object file. It is supported in the H-series product version only. The field must contain one of these values: ZSFG-VAL-TRUST-ME The TRUST setting is ME; that is, the program file is to be trusted to not access the buffers private to the process before I/O completion.
ALTER PROTECTIONRECORD Command Commands ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified object ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified object ZCOM-TKN-OBJNAME is not valid. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the ALTER PROTECTION. For the rules for who can manage object security, see the Safeguard Reference Manual.
ALTER PROTECTIONRECORD Command Commands ZSFG-ERR-MAX-ACL-EXCEEDED is returned when the number of ZSFG-MAP-ACCESS tokens exceeds the maximum allowed by the current product version of the Safeguard software. The error list token ZSFG-TKN-MAX-ACES defines the currently supported maximum Access Control Entries (ACEs). ZSFG-ERR-LICENSENONOBJ is returned when the disk file being licensed is not an object file.
ALTER REMOTEPASSWORD Command Commands ALTER REMOTEPASSWORD Command The ALTER REMOTEPASSWORD command alters a user’s remote password.
ALTER REMOTEPASSWORD Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the ALTER request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist.
ALTER REMOTEPASSWORD Command Commands ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid. ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid length. ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid value. ZSFG-ERR-SYS-NOT-FOUND is returned if the system identified by the ZCOM-TKN-OBJNAME does not exist.
ALTER SUBSYSTEM Command Commands ALTER SUBSYSTEM Command The ALTER SUBSYSTEM command alters the Safeguard configuration attributes.
Commands ZSFG-TKN-CHECK-SUBPROCESS ZSFG-TKN-DIRECTION-PROCESS ZSFG-TKN-COMBINATION-PROCESS ZSFG-TKN-ACL-REQUIRED-PROCESS ZSFG-TKN-CHECK-VOLUME ZSFG-TKN-CHECK-SUBVOL ZSFG-TKN-CHECK-FILENAME ZSFG-TKN-DIRECTION-DISKFILE ZSFG-TKN-COMBINATION-DISKFILE ZSFG-TKN-ACL-REQUIRED-DISKFILE ZSFG-TKN-CLEARONPURGE ZSFG-TKN-AUDIT-AUTHEN-PASS ZSFG-TKN-AUDIT-AUTHEN-FAIL ZSFG-TKN-AUDIT-USER-MAN-PASS ZSFG-TKN-AUDIT-USER-MAN-FAIL ZSFG-TKN-AUDIT-OBJECT-MAN-PASS ZSFG-TKN-AUDIT-OBJECT-MAN-FAIL ZSFG-TKN-AUDIT-OBJECT-ACC-PASS ZSFG-T
ALTER SUBSYSTEM Command Commands ZSFG-TKN-CMON-TIMEOUT ZSFG-TKN-CMON-ERROR ZSFG-TKN-BLINDLOGON ZSFG-TKN-NAMELOGON ZSFG-TKN-LU-EXCLUSIVE-ACCESS ZSFG-TKN-CURRENTAUDITPOOL ZSFG-TKN-NEXTAUDITPOOL ZSFG-TKN-WRITETHROUGHCACHE ZSFG-TKN-EOFREFRESH ZSFG-TKN-AUDITRECOVERY ZSFG-TKN-WARN-SYSTEM-LEVEL ZSFG-TKN-WARN-FALLBACK ZSFG-TKN-AUD-CLIENT-SERVICE ZSFG-TKN-AUD-CLIENT-OSS* ZSFG-TKN-ALLOW-DF-PERST ZSFG-TKN-WARN-OBJECT-LEVEL ZSFG-TKN-ALLOW-NODE-ACL ZSFG-TKN-CHECK-PAT-DISKFILE ZSFG-TKN-PSWD-MAX-LENGTH$ ZSFG-TKN-PSWD-CO
ALTER SUBSYSTEM Command Commands ZSFG-TKN-AUDIT-EXCLUDE-FIELD@ ZSFG-TKN-AUDIT-EXCLUDE-VALUE@ ZSFG-TKN-AUD-OSS-FILTER1 ZSFG-TKN-AUD-TACL-LOGOFF2 ZSFG-TKN-DYNAMIC-PROC-UPDATE3 ZSFG-TKN-PROMPT-BEFORE-STOP4 token-type token-type token-type token-type token-type token-type ZSPI-TYP-STRING ZSPI-TYP-INT ZSPI-TYP-BOOLEAN ZSPI-TYP-BOOLEAN ZSPI-TYP-BOOLEAN ZSPI-TYP-BOOLEAN Tokens in Response Buffer ZSPI-TKN-DATALIST ZSPI-TKN-RETCODE ZCOM-TKN-OBJTYPE ZSPI-TKN-ERRLIST ZSPI-TKN-ENDLIST token-type token-type token-
ALTER SUBSYSTEM Command Commands ZUNITS specifies the unit of ZVALUE. This field must contain one of these values: ZSFG-VAL-UNITS-SECONDS ZSFG-VAL-UNITS-MINUTES ZSFG-VAL-UNITS-HOURS ZSFG-VAL-UNITS-DAYS ZSFG-VAL-UNITS-WEEKS ZSFG-VAL-UNITS-MONTHS ZSFG-VAL-UNITS-YEARS ZSFG-TKN-PSWD-HISTORY is an optional token that specifies the number of previous passwords to retain in a password database organized by user ID. Any new passwords must be different from all the previous passwords.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-DIRECTION-DEVICE is an optional token that specifies the direction in which device and subdevice ACLs are consulted. This field must contain one of these values: ZSFG-VAL-DIRECTION-TOP-DOWN ZSFG-VAL-DIRECTION-BOTTOM-UP The default is ZSFG-VAL-DIRECTION-TOP-DOWN. ZSFG-TKN-COMBINATION-DEVICE is an optional token that specifies the method by which overlapping ACLs are resolved for access to devices and subdevices.
ALTER SUBSYSTEM Command Commands The default is ZSFG-VAL-COMBINATION-1ST-ACL. ZSFG-TKN-ACL-REQUIRED-PROCESS is an optional token that specifies whether the absence of an ACL for a process or subprocess precludes access. The default is FALSE. ZSFG-TKN-CHECK-VOLUME is an optional token that specifies whether the volume ACL is consulted to determine access to volumes, subvolumes and disk files. The default value is FALSE.
ALTER SUBSYSTEM Command Commands Note. Once set to TRUE, the value of this attribute remains effective even after the Safeguard subsystem is stopped. If you want this feature to be effective only when the Safeguard is up, you must set the value to FALSE before stopping Safeguard. ZSFG-TKN-AUDIT-AUTHEN-PASS is an optional token that specifies auditing for successful authentication attempts of all users. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL All successful attempts are audited.
ALTER SUBSYSTEM Command Commands The default is ZSFG-VAL-AUDIT-NONE. ZSFG-TKN-AUDIT-USER-MAN-FAIL is an optional token that specifies auditing for unsuccessful authentication record accesses of all users. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL All unsuccessful management attempts are audited. ZSFG-VAL-AUDIT-LOCAL Only unsuccessful management attempts from the local system are audited.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-AUDIT-OBJECT-ACC-PASS ZSFG-TKN-AUDIT-DEVICE-ACC-PASS ZSFG-TKN-AUDIT-PROC-ACC-PASS ZSFG-TKN-AUDIT-FILE-ACC-PASS are optional tokens that specify additional auditing for successful accesses of all system objects, devices, processes, and disk files, respectively. This field must contain one of these values: ZSFG-VAL-AUDIT-ALL ZSFG-VAL-AUDIT-LOCAL ZSFG-VAL-AUDIT-REMOTE ZSFG-VAL-AUDIT-NONE The default is ZSFG-VAL-AUDIT-NONE.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-CI-XFNAME ZSFG-TKN-CI-LIB-XFNAME ZSFG-TKN-CI-PCPU ZSFG-TKN-CI-PRI ZSFG-TKN-CI-SWAP ZSFG-TKN-CI-PARAM-TEXT describe the default CI to be started if a CI is not defined for the LU (terminal) or the user. For a description of these tokens, see the ADD TERMINAL (LU) Command on page 7-50.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-NAMELOGON is an optional token that specifies user IDs are not allowed during any logon. The default value is TRUE. ZSFG-TKN-LU-EXCLUSIVE-ACCESS is an optional token that specifies whether a user logged on at a Safeguard terminal has exclusive access to that terminal until the user logs off. The default value is FALSE. ZSFG-TKN-CURRENTAUDITPOOL is an optional token that specifies the current audit pool to be used.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-WARN-SYSTEM-LEVEL is an optional token that specifies whether warning mode is enabled. In warning mode, Safeguard access control lists are ignored. The default is FALSE, which indicates that warning mode is disabled. ZSFG-TKN-WARN-FALLBACK is an optional token that specifies Guardian security strings are to be enforced when warning mode is enabled. The allowable token values are: ZSFG-VAL-FALLBACKGUARDIAN Guardian rules are to be enforced.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-CHECK-PAT-DISKFILE is an optional token that enables, disables, and determines the search order for disk file patterns. The default value is OFF. The defined values are: ZSFG-VAL-CHECK-PAT-FIRST specifies that pattern searching will occur first, and if and only if the result is NORECORD then the normal search for a protection record will occur.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-PSWD-ALGTHM is an optional token that specifies the password algorithm. The defined values are: ZSFG-VAL-PSWD-ALGTHM-DES specifies that passwords will be encrypted using the DES algorithm. ZSFG-VAL-PSWD-ALGTHM- HMAC256 specifies that passwords will be encrypted using the HMAC and SHA256 algorithms. Note. This token is supported only on systems running H06.06 and later H-series RVUs and G06.29 and later G-series RVUs.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-PSWD-REQ-UPCASE is an optional token and its initial value is ZSPIVAL-FALSE. Note. The attribute ZSFG-TKN-PSWD-REQ-UPCASE is supported only on systems running H06.09 and later H-series RVUs and G06.31 and later G-series RVUs. ZSFG-TKN-PSWD-REQ-MIN-UPCASE indicates the minimum number of uppercase characters required in a password when it is set or changed. The ZSFG-TKN-PSWD-REQ-MIN-UPCASE attribute can have values from 0 through 8. The default value is 0.
ALTER SUBSYSTEM Command Commands If ZSFG-TKN-PSWD-REQ-NUMERIC is set to ZSPI-VAL-FALSE, the user will not be enforced to specify a numeric character in the password. ZSFG-TKN-PSWD-REQ-NUMERIC is an optional token and its initial value is ZSPI-VAL-FALSE. Note. The attribute ZSFG-TKN-PSWD-REQ-NUMERIC is supported only on systems running H06.09 and later H-series RVUs and G06.31 and later G-series RVUs.
ALTER SUBSYSTEM Command Commands Leading, trailing spaces, or contiguous embedded spaces are not allowed. Spaces are only allowed in passwords when ZSFG-TKN-PSWD-ENCRYPT is set to ZSPIVAL-TRUE and ZSFG-TKN-PSWD-ALGTHM is ZSFG-VAL-PSWD-ALGTHMHMAC256. ZSFG-TKN-PSWD-SPACES-ALLOWED is an optional token and its initial value is ZSPI-VAL-FALSE. Note. The attribute ZSFG-TKN-PSWD-SPACES-ALLOWED is supported only on systems running H06.09 and later H-series RVUs and G06.31 and later G-series RVUs.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-AUDIT-EXCLUDE-FIELD specifies the field name in a primary audit record that must be considered for exclusion during generation of NonStop client audit events. This token, if specified, must be used in conjunction with the token ZSFG-TKN-AUDIT-EXCLUDE-VALUE. ZSFG-TKN-AUDIT-EXCLUDE-FIELD is an optional token and its default value is ZSFG-VAL-AUDEXC-NONE. Table 7-3 lists the different AUDIT-EXCLUDE-VALUES each AUDIT-EXCLUDEFIELD can take.
ALTER SUBSYSTEM Command Commands Table 7-3.
ALTER SUBSYSTEM Command Commands Table 7-3.
ALTER SUBSYSTEM Command Commands Table 7-3.
ALTER SUBSYSTEM Command Commands Table 7-3.
ALTER SUBSYSTEM Command Commands Table 7-3. AUDIT-EXCLUDE-FIELDs and their corresponding values (page 5 of 5) AUDIT-EXCLUDE-FIELD ZSFG-VAL-AUDEXCOWNERISREMOTE Values for AUDIT-EXCLUDE-VALUE • • • • • • • • • • OSSFILESET SOCKET SYMLINK TTY PROCESSGROUP OSSPROCESS REMOTE LOCAL NONE UNKNOWN The following AUDIT-EXCLUDE-FIELD values have dynamic variable names and therefore no enums are defined.
ALTER SUBSYSTEM Command Commands • • • • • • ZSFG-VAL-AUDEXC-CREATORSYSTEMNUMBER ZSFG-VAL-AUDEXC-CREATORPROCESSNAME ZSFG-VAL-AUDEXC-CREATORAUTHLOCNAME ZSFG-VAL-AUDEXC-CREATORTERMINALNAME ZSFG-VAL-AUDEXC-CREATORAUTHLOCNUMBER ZSFG-VAL-AUDEXC-OBJECTNAME ZSFG-TKN-AUDIT-EXCLUDE-VALUE specifies the set of values (up to five) for the corresponding field names specified in the ZSFG-TKN-AUDIT-EXCLUDE-FIELD token. This token, must be used in conjunction with the token ZSFG-TKN-AUDIT-EXCLUDE-FIELD.
ALTER SUBSYSTEM Command Commands ZSFG-TKN-DYNAMIC-PROC-UPDATE ZSPI-VAL-TRUE specifies that the process identity attributes (AUDIT-USERACTION-PASS, AUDIT-USER-ACTION-FAIL, primary group, supplementary group list, and group count) are updated dynamically when the audit and group attributes of the corresponding user are modified. The default value is ZSPI-VAL-FALSE. Note. This token is supported only on systems running J06.10 and later J-series RVUs, and H06.21 and later H-series RVUs.
ALTER SUBSYSTEM Command Commands ZCOM-ERR-SPI-ERR is returned if one of the procedures (for example, SSGETTKN) returned an error. The SPI error list defines the procedure in error, the error status, and the token involved. ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token.
ALTER TERMINAL (LU) Command Commands ALTER TERMINAL (LU) Command The ALTER TERMINAL (LU) command alters, or modifies, an LU (terminal) definition.
ALTER TERMINAL (LU) Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the ALTER TERMINAL command: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the ALTER TERMINAL command.
ALTER TERMINAL (LU) Command Commands ZCOM-ERR-TKN-DUP is returned if the same token is specified more than once in the request buffer. The error list identifies the duplicate token. ZCOM-ERR-TKN-LEN-INV is returned when a token's length is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid length. ZCOM-ERR-TKN-VAL-INV is returned when a token's value is invalid. The ZSPI-TKN-PARM-ERR within the error list defines the token that has an invalid value.
ALTER USER Command Commands ALTER USER Command The ALTER USER command alters a user authentication record.
ALTER USER Command Commands ZSFG-MAP-REMOVE-OWNERS def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end. type ZSPI-TYP-MAP type type type type ZSPI-DDL-ENUM ZSPI-DDL-INT ZSPI-DDL-INT ZSPI-DDL-INT ZSFG-TKN-PASSWORD ZSFG-TKN-PASSWORD64 ** ZSFG-TKN-DEFAULT-VOLSUBVOL ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
ALTER USER Command Commands ZSFG-MAP-DEFAULT-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZNODENUM end. ZSFG-MAP-REMOVE-DF-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
ALTER USER Command Commands Tokens in Response Buffer ZSPI-TKN-DATALIST ZSPI-TKN-RETCODE ZCOM-TKN-OBJTYPE ZCOM-TKN-OBJNAME ZSPI-TKN-ERRLIST ZSPI-TKN-ENDLIST ZSPI-TKN-ENDLIST ** token-type token-type token-type token-type token-type token-type token-type ZSPI-TYP-LIST ZSPI-TYP-ENUM ZSPI-TYP-ENUM ZSPI-TYP-STRING ZSPI-TYP-LIST ZSPI-TYP-SSCTL ZSPI-TYP-SSCTL Supported only on systems running H06.09 and later H-series RVUs and G06.31 and later G-series RVUs.
ALTER USER Command Commands ZSFG-TKN-RESET-TEXT-DESC is an optional token that resets the text description field for the user authentication record to a zero length and null value. The default is FALSE. ZSFG-TKN-RESET-BIN-DESC is an optional token that resets the binary description field for the user authentication record to a zero length and null value. The default is FALSE. ZSFG-MAP-REMOVE-OWNERS is an optional structured token that specifies owners to be removed from the secondary owner list.
ALTER USER Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the ALTER request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified user ZCOM-TKN-OBJNAME is invalid.
ALTER USER Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens, or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-SMALLUSERIDFILE is returned when the USERID file's record size is too small to support defaultprotection. The USERID and USERIDAK files must be converted to a larger record size (900 bytes) to avoid this error.
ALTER USER Command Commands ZSFG-ERR-PRI-GROUP-NOTFOUND is returned if an internal error occurs while attempting to update the primary group for the user. is returned if an invalid selection expression is specified. ZSFG-ERR-PSWD-QUAL-REJECT is returned when the event-exit process rejects the specified password. ZSFG-ERR-PSWD-QUAL-DENIED is returned when the event-exit process cannot rule on the specified password.
DELETE ALIAS Command Commands • • Special characters { } ! @ # $ % ^ & * ( ) - _ + = { } ~ ‘ : ; ? / > . < , . Space DELETE ALIAS Command The DELETE ALIAS command deletes a user alias authentication record.
DELETE ALIAS Command Commands Tokens in the Response Buffer For a description of the tokens present in the buffer received in response to a DELETE ALIAS command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
DELETE AUDIT POOL Command Commands ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZSFG-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. DELETE AUDIT POOL Command The DELETE AUDIT POOL command removes an audit pool definition. All audit files of the audit pool must be empty (released) in order for this command to be successful.
DELETE AUDIT POOL Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the DELETE AUDIT POOL command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
DELETE EVENT-EXIT-PROCESS (PROC) Command Commands DELETE EVENT-EXIT-PROCESS (PROC) Command The DELETE EVENT-EXIT-PROCESS (PROC) command deletes a Safeguard terminal definition.
DELETE EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request. Normally, this error should not occur, and it should be transient if it does occur.
DELETE PROTECTIONRECORD Command Commands DELETE PROTECTIONRECORD Command The DELETE PROTECTIONRECORD command deletes a Safeguard object protection record.
DELETE PROTECTIONRECORD Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs while accessing the $volume.SAFE.GUARD file, accessing the $SYSTEM.SAFE.OTHER file, accessing the file being protected, or updating the audit file. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request.
DELETE GROUP Command Commands ZSFG-ERR-PAT-BAD-PATNAME is returned if the pattern-spec does not include at least one wildcard in either the subvolume or file name for a diskfile-pattern protection record command. DELETE GROUP Command The DELETE GROUP command deletes a Safeguard group definition record.
DELETE GROUP Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the DELETE GROUP command: ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified group name ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified group name ZCOM-TKN-OBJNAME is not valid.
DELETE REMOTEPASSWORD Command Commands DELETE REMOTEPASSWORD Command The DELETE REMOTEPASSWORD command deletes a user’s remote password.
DELETE REMOTEPASSWORD Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified user name ZCOM-TKN-OBJNAME is not valid.
DELETE TERMINAL (LU) Command Commands DELETE TERMINAL (LU) Command The DELETE TERMINAL (LU) command deletes a Safeguard terminal definition.
DELETE TERMINAL (LU) Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the DELETE request. Normally, this error should not occur, and it should be transient if it does occur.
DELETE USER Command Commands DELETE USER Command The DELETE USER command deletes a Safeguard user authentication record. Command ZCOM-CMD-DELETE Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
DELETE USER Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the DELETE USER command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
GETVERSION Command Commands ZSFG-ERR-ORPHANEDALIAS is returned if the specified user has aliases associated with it. GETVERSION Command The GETVERSION command returns version information for the Safeguard subsystem.
GETVERSION Command Commands ZCMK-TKN-PKG-BANNER is a type CHAR50 token whose content is the server ID banner of the common kernel (CMK) consisting of the CMK product name, CMK product number, and CMK release date. Operational Notes No summary state transition is associated with the GETVERSION command. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is either a number identifying successful completion (ZCOM-ERR-OK) or an error.
INFO ALIAS Command Commands INFO ALIAS Command The INFO ALIAS command retrieves the attribute values currently stored in an alias authentication record. Command ZCOM-CMD-INFO Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
INFO ALIAS Command Commands ZSFG-TKN-USERNAME token-type ZSPI-TYP-STRING ZSFG-MAP-USERID def ZSFG-DDL-USERID 02 ZGROUPNUM 02 ZUSERNUM end. type ZSPI-TYP-MAP ZSFG-MAP-OWNERID def ZSFG-DDL-OWNERID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM end. type ZSPI-TYP-MAP ZSFG-MAP-OWNER-LIST def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end. ZSFG-TKN-DEFAULT-VOLSUBVOL ZSFG-MAP-DEFAULT-SECURITY def ZSFG-DDL-FILESECURITY 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE end.
INFO ALIAS Command Commands ZSFG-TKN-DF-AUDIT-ACCESS-PASS ZSFG-TKN-DF-AUDIT-ACCESS-FAIL ZSFG-TKN-DF-AUDIT-MANAGE-PASS ZSFG-TKN-DF-AUDIT-MANAGE-FAIL token-type token-type token-type token-type ZSFG-MAP-DEFAULT-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
INFO ALIAS Command Commands Command-Specific Tokens in the Command Buffer See the token descriptions under the ADD ALIAS Command on page 7-11. Tokens in Response Buffer See the token descriptions under the ADD ALIAS Command on page 7-11. Additional tokens in the response buffer are as follows: ZSFG-TKN-LASTMODIFIED contains a timestamp of the last time the alias authentication record was modified. ZSFG-TKN-LASTLOGON contains a timestamp of the last time the alias logged on to the system.
INFO ALIAS Command Commands ZSPI-TKN-DESCBIN-LEN denotes the length of the binary description field associated with the alias. ZSFG-TKN-FAILLOGCOUNTRESETTIME denotes the time when the attribute, STATIC FAILED COUNT LOGON, was last reset. ZSFG-TKN-CREATOR-NAME indicates in external form, the group name.member name of the user who created the alias. Note. This token is supported only on systems running J06.04 and later J-series RVUs and H06.15 and later H-series RVUs.
INFO ALIAS Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. These errors or warnings can occur in response to the INFO ALIAS command: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
INFO AUDIT POOL Command Commands token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. INFO AUDIT POOL Command The INFO AUDIT POOL command returns the current values of disk space allocation control parameters in the specified audit pool.
INFO AUDIT POOL Command Commands ZCOM-TKN-OBJNAME is a string that designates an existing audit pool or set of audit pools as the subject of this inquiry. For INFO AUDIT POOL, a missing or null string designates the currently active audit pool. Tokens in Response Buffer See the token descriptions under the ADD AUDIT POOL (FILESET) Command on page 7-25.
INFO EVENT-EXIT-PROCESS (PROC) Command Commands INFO EVENT-EXIT-PROCESS (PROC) Command The INFO EVENT-EXIT-PROCESS (PROC) command retrieves the attribute values currently stored in an event-exit configuration record.
INFO EVENT-EXIT-PROCESS (PROC) Command Commands Tokens in Response Buffer See the token descriptions in the ADD EVENT-EXIT-PROCESS (PROC) Command on page 7-28. ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether there are more reply messages to come. This token is only returned when the request contained a wild card name and the responses generated do not fit in one buffer. This token is described in the SPI Programming Manual.
INFO EVENT-EXIT-PROCESS (PROC) Command Commands ZCOM-ERR-TKN-CODE-INV is returned if an invalid, foreign, or unsupported token was found. The error list identifies the invalid token. ZCOM-ERR-SSID-INV is returned if the subsystem ID is in error. The error list identifies the invalid subsystem ID. ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens.
INFO GROUP Command Commands INFO GROUP Command The INFO GROUP command retrieves the attribute values currently stored in a Safeguard group definition record. INFO GROUP does not return a list of group members. To determine a list of group members, use the INFO ALIAS and INFO USER commands with group selection expressions members.
INFO GROUP Command Commands ZSFG-MAP-CREATOR-ID& def ZSFG-DDL-CREATORID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end.
INFO GROUP Command Commands ZSFG-TKN-CREATOR-NAME indicates in external form, the group name.member name of the user who created the group. Note. This token is supported only on systems running J06.08 and later J-series RVUs, H06.19 and later H-series RVUs and G06.32 and later G-series RVUs. ZSFG-TKN-CREATOR-TYPE indicates if the group is created by an alias or a user. The token value ZSPI-VALTRUE indicates that the group creator is an alias and ZSPI-VAL-FALSE indicates that the group creator is a user.
INFO GROUP Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. Errors or warnings that can occur in response to the INFO GROUP command follow: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to execute the INFO GROUP command.
INFO PROTECTIONRECORD Command Commands INFO PROTECTIONRECORD Command The INFO PROTECTIONRECORD command retrieves the attribute values currently stored in a Safeguard object protection record.
INFO PROTECTIONRECORD Command Commands ZSFG-TKN-FROZEN ZSFG-TKN-AUDIT-ACCESS-PASS ZSFG-TKN-AUDIT-ACCESS-FAIL ZSFG-TKN-AUDIT-MANAGE-PASS ZSFG-TKN-AUDIT-MANAGE-FAIL ZSFG-TKN-AUDIT-PRIV-LGN^ ZSFG-TKN-PROCESS-ACCESS ZSFG-MAP-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
INFO PROTECTIONRECORD Command Commands Command-Specific Tokens in Response Buffer See the token descriptions in the ADD PROTECTIONRECORD Command on page 7-38. Tokens in Response Buffer See the token descriptions in the ADD PROTECTIONRECORD section. Additional tokens follow: ZSFG-TKN-LAST-MODIFIED contains a timestamp of the last time the protection record was modified. ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come.
INFO PROTECTIONRECORD Command Commands ZSFG-TKN-PAT-LASTMOD-NAME identifies the user name or alias name that last modified this protection record. This token applies only to diskfile-pattern protection records. ZSFG-TKN-PAT-LASTMOD-ISALIAS indicates if this protection record was last modified by an alias. If true, the lastmod ID is the userid of the underlying user associated with the alias, and the lastmodname is the name of the alias. This token applies only to diskfile-pattern protection records.
INFO PROTECTIONRECORD Command Commands ZCOM-ERR-OBJNAME-INV is returned if the specified object ZCOM-TKN-OBJNAME is invalid. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the INFO PROTECTIONRECORD command. For the rules for who can manage object security, see the Safeguard Reference Manual. ZCOM-ERR-SPI-ERR is returned if one of the procedures (for example, SSGETTKN) returned an error.
INFO REMOTEPASSWORD Command Commands INFO REMOTEPASSWORD Command The INFO REMOTEPASSWORD retrieves the remote password of a specified user.
INFO REMOTEPASSWORD Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. Errors or warnings that can occur in response to the INFO REMOTEPASSWORD command follow: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
INFO REMOTEPASSWORD Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-SYS-NOT-FOUND is returned if the system identified by the ZCOM-TKN-OBJNAME does not exist.
INFO SUBSYSTEM Command Commands INFO SUBSYSTEM Command The INFO SUBSYSTEM command retrieves the current Safeguard configuration attributes.
INFO SUBSYSTEM Command Commands Command ZCOM-CMD-INFO Object Type ZCOM-OBJ-SUBSYSTEM Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT token-type token-type token-type token-type token-type ZSPI-TYP-FNAME32 ZSPI-TYP-INT ZSPI-TYP-ENUM ZSPI-TYP-ENUM ZSPI-TYP-STRING Tokens in Response Buffer ZSPI-TKN-RETCODE ZCOM-TKN-OBJTYPE ZSPI-TKN-COMMENT ZSFG-TKN-AUTHEN-MAX-ATTEMPTS ZSFG-MAP-AUTHEN-FAIL-TO def ZSFG-DDL-AUTHEN-FAIL-TO 02 ZVALUE 02 ZUN
INFO SUBSYSTEM Command Commands ZSFG-TKN-DIRECTION-DEVICE ZSFG-TKN-COMBINATION-DEVICE ZSFG-TKN-ACL-REQUIRED-DEVICE ZSFG-TKN-CHECK-PROCESS ZSFG-TKN-CHECK-SUBPROCESS ZSFG-TKN-DIRECTION-PROCESS ZSFG-TKN-COMBINATION-PROCESS ZSFG-TKN-ACL-REQUIRED-PROCESS ZSFG-TKN-CHECK-VOLUME ZSFG-TKN-CHECK-SUBVOL ZSFG-TKN-CHECK-FILENAME ZSFG-TKN-DIRECTION-DISKFILE ZSFG-TKN-COMBINATION-DISKFILE ZSFG-TKN-ACL-REQUIRED-DISKFILE ZSFG-TKN-CLEARONPURGE ZSFG-TKN-AUDIT-AUTHEN-PASS ZSFG-TKN-AUDIT-AUTHEN-FAIL ZSFG-TKN-AUDIT-USER-MAN-PAS
INFO SUBSYSTEM Command Commands ZSFG-TKN-CI-LIB-XFNAME ZSFG-TKN-CI-PCPU ZSFG-TKN-CI-SWAP ZSFG-TKN-CI-PRI ZSFG-TKN-CI-PARAM-TEXT ZSFG-TKN-ASK-CMON ZSFG-TKN-CMON-TIMEOUT ZSFG-TKN-CMON-ERROR ZSFG-TKN-BLINDLOGON ZSFG-TKN-NAMELOGON ZSFG-TKN-LU-EXCLUSIVE-ACCESS ZSFG-TKN-CURRENTAUDITPOOL ZSFG-TKN-NEXTAUDITPOOL ZSFG-TKN-WRITETHROUGHCACHE ZSFG-TKN-EOFREFRESH ZSFG-TKN-AUDITRECOVERY ZSFG-TKN-AUDITSTATE ZSFG-TKN-CURRENTAUDITFILE ZSFG-TKN-LASTSWITCH ZSFG-TKN-WARN-SYSTEM-LEVEL ZSFG-TKN-WARN-FALLBACK ZSFG-TKN-AUD-CLIENT
INFO SUBSYSTEM Command Commands ZSFG-TKN-PSWD-REQ-MIN-UPCASE4 token-type ZSPI-TYP-UINT ZSFG-TKN-PSWD-REQ-MIN-LOWCASE4 token-type ZSPI-TYP-UINT ZSFG-TKN-PSWD-REQ-MIN-SPECIAL4 token-type ZSPI-TYP-UINT ZSFG-TKN-PSWD-MIN-NUMERIC4 token-type ZSPI-TYP-UINT ZSFG-TKN-PSWD-REQ-ALPHA4 token-type ZSPI-TYP-BOOLEAN ZSFG-TKN-PSWD-REQ-MIN-ALPHA4 token-type ZSPI-TYP-UINT ZSFG-TKN-AUDIT-EXCLUDE-FIELD@ token-type ZSPI-TYP-STRING ZSFG-TKN-AUDIT-EXCLUDE-VALUE@ token-type ZSPI-TYP-INT ZSFG-TKN-AUD-OSS-FILTER1 token-type ZSPI-
INFO SUBSYSTEM Command Commands ZSFG-VAL-AUDITSTATE-NEXTPOOL0 indicates that auditing is active but the next pool is not defined. ZSFG-VAL-AUDITSTATE-RECYCLING indicates that auditing is active; the next pool is not defined; and because the audit pool is full, audit files are being recycled on an as-needed basis. ZSFG-VAL-AUDITSTATE-SUSPENDED indicates that auditing is not active because the next pool is not defined and the current pool is full.
INFO SUBSYSTEM Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the INFO request. Normally, this error should not occur, and it should be transient if it does occur.
INFO TERMINAL (LU) Command Commands INFO TERMINAL (LU) Command The INFO TERMINAL (LU) command retrieves the attribute values currently stored in a terminal definition record.
INFO TERMINAL (LU) Command Commands contained a wild-card name and the responses generated do not fit in one buffer. For a description of this token, see the SPI Programming Manual. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
INFO TERMINAL (LU) Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens. Or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version.
INFO USER Command Commands INFO USER Command The INFO USER command retrieves the attribute values currently stored in a user authentication record. Command ZCOM-CMD-INFO Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
INFO USER Command Commands ZSFG-TKN-USERNAME ZSFG-MAP-USERID def ZSFG-DDL-USERID 02 ZGROUPNUM 02 ZUSERNUM end. token-type ZSPI-TYP-STRING type ZSPI-TYP-MAP ZSFG-MAP-OWNERID def ZSFG-DDL-OWNERID 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM end. type ZSPI-TYP-MAP ZSFG-MAP-OWNER-LIST def ZSFG-DDL-MULOWNENT 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZNODENUM end.
INFO USER Command Commands end. ZSFG-TKN-DF-AUDIT-ACCESS-PASS ZSFG-TKN-DF-AUDIT-ACCESS-FAIL ZSFG-TKN-DF-AUDIT-MANAGE-PASS ZSFG-TKN-DF-AUDIT-MANAGE-FAIL ZSFG-MAP-DEFAULT-ACCESS def ZSFG-DDL-ACCESS 02 ZDENY 02 ZTYPEID 02 ZGROUPNUM 02 ZUSERNUM 02 ZREAD 02 ZWRITE 02 ZEXECUTE 02 ZPURGE 02 ZCREATE 02 ZOWNER 02 ZNODENUM end.
INFO USER Command Commands Command-Specific Tokens in the Command Buffer See the token descriptions under the ADD USER Command on page 7-54. Tokens in Response Buffer See the token descriptions under the ADD USER Command on page 7-54. Additional tokens in the response buffer follow: ZSFG-TKN-LASTMODIFIED contains a timestamp of the last time the user authentication record was modified. ZSFG-TKN-LASTLOGON contains a timestamp of the last time the user logged on to the system.
INFO USER Command Commands ZSPI-TKN-DESCBIN-LEN denotes the length of the binary description field associated with the user authentication record. ZSFG-TKN-CREATOR-NAME indicates in external form, the group name.member name of the user who created the user. Note. This token is supported only on systems running J06.08 and later J-series RVUs, H06.19 and later H-series RVUs, and G06.32 and later G-series RVUs. ZSFG-TKN-CREATOR-TYPE indicates that the creator is an alias. Note.
INFO USER Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the INFO request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified user name ZCOM-TKN-OBJNAME is invalid.
LISTOBJECTS Command Commands LISTOBJECTS Command For all objects other than NULL, the LISTOBJECTS command lists all the object names of the specified type defined in the Safeguard software. For NULL, the command returns all object names of all types defined to the Safeguard software. If ZCOM-TKN-OBJNAME is supplied in the command buffer, LISTOBJECTS returns only objects with names matching the specified name pattern.
LISTOBJECTS Command Commands Tokens in the Response Buffer ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come. This token is only returned when the request generated more responses than fit in one buffer. For a description of this token, see the SPI Programming Manual.
LISTOBJECTS ALIAS Command Commands LISTOBJECTS ALIAS Command The LISTOBJECTS ALIAS command lists all the aliases defined to the Safeguard software. Command ZCOM-CMD-LISTOBJECTS Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
LISTOBJECTS ALIAS Command Commands Tokens in the Response Buffer For a description of the tokens present in the response buffer for the LISTOBJECTS ALIAS command, see Section 6, Common Definitions. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
LISTOBJECTS USER Command Commands LISTOBJECTS USER Command The LISTOBJECTS USER command lists all the users defined to the Safeguard software. Command ZCOM-CMD-LISTOBJECTS Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
LISTOBJECTS USER Command Commands Tokens in the Response Buffer For a description of the tokens present in the response buffer for the LISTOBJECTS USER command, see Section 6, Common Definitions. ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come. This token is only returned when the request generates more responses than fit in one buffer. For a description of this token, see the SPI Programming Manual.
LISTOPENS Command Commands LISTOPENS Command The LISTOPENS command lists all the openers of $ZSMP.
LISTOPENS Command Commands Tokens in the Response Buffer ZCMK-MAP-LISTOP is an optional structured token that records each opening of the Security Manager Process ($ZSMP). ZCMK-MAP-LISTOP contains these fields: ZNODE specifies the node number of the node in which the process resides. ZBKUP-CPU specifies the number of the CPU in which the backup process resides. This field is relevant only if ZBKUP-PIN is nonzero. ZBKUP-PIN specifies the process ID number of the backup process.
LISTOPENS Command Commands ZCMK-TKN-LISTOP-XPNAM records the process name of the opener in external format. ZCMK-TKN-LISTOP-QUALIFS records the qualifiers used when the process was opened. For ZPROTO = ZSFGVAL-PROTO-SMP-BUF, the token value is a null string. For ZPROTO = ZSFGVAL-PROTO-SPI the token value is #ZSPI. ZCMK-MAP-LISTOP ZCMK-TKN-LISTOP-XPNAME ZCMK-TKN-LISTOP-QUALIF together describe an opener of $ZSMP.
NEXTFILE (SWITCH) Command Commands NEXTFILE (SWITCH) Command The NEXTFILE (SWITCH) command closes the current active audit file and opens the next audit file in sequence.
NEXTFILE (SWITCH) Command Commands Operational Notes ZCOM-TKN-OBJNAME is optional for the NEXTFILE command. If present, this token must have the value of the current audit pool. Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error.
RELEASE AUDIT FILE Command Commands RELEASE AUDIT FILE Command The RELEASE AUDIT FILE command marks the specified audit files in the currently active audit pool as reusable.
RELEASE AUDIT FILE Command Commands Errors or warnings that can occur in response to the RELEASE AUDIT FILE command follow: ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the RELEASE AUDIT FILE command. For the rules about who may manage the audit service, see the Safeguard Reference Manual.
START TERMINAL (LU) Command Commands START TERMINAL (LU) Command The START TERMINAL (LU) command initiates the logon dialog with a Safeguard terminal.
START TERMINAL (LU) Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the START request. Normally, this error should not occur, and it should be transient if it does occur.
STATUS ALIAS Command Commands STATUS ALIAS Command The STATUS ALIAS command retrieves the status (frozen or thawed) of a specified user alias. Command ZCOM-CMD-STATUS Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
STATUS ALIAS Command Commands • • ZCOM-VAL-SUMSTATE-SUSP (alias is frozen) ZCOM-VAL-SUMSTATE-UNKWN (returned when an error occurs) ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages. This token is returned only when the request contains a wild-card name and the responses generated will not fit in one buffer. For a description of this token, see the SPI Programming Manual.
STATUS PROTECTIONRECORD Command Commands token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. STATUS PROTECTIONRECORD Command The STATUS PROTECTIONRECORD command retrieves the current status (frozen or thawed) of a specified protection record.
STATUS PROTECTIONRECORD Command Commands ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages to come. This token is returned only when the request contained a wild card name and the responses generated do not fit in one buffer. For a description of this token, see the SPI Programming Manual.
STATUS SUBSYSTEM Command Commands ZSFG-ERR-PAT-MISSING-ALL is returned if the ZCOM-TKN-SUB token value is not ZCOM-VAL-SUB-ALL for a diskfile-pattern protection record ALTER, DELETE, SUSPEND(FREEZE), INFO, LISTOBJECTS, or ACTIVATE(THAW) command that contains a wildcard in the pattern-spec volume name. ZSFG-ERR-PAT-BAD-PATNAME is returned if the pattern-spec does not include at least one wildcard in either the subvolume or file name for a diskfile-pattern protection record command.
STATUS SUBSYSTEM Command Commands Error-Handling Notes ZSPI-TKN-RETCODE is the standard SPI return code token, whose value is a number identifying successful completion (ZCOM-ERR-OK), an informational warning, or an error. Errors or warnings that can occur in response to the STATUS SUBSYSTEM command follow: ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question.
STATUS USER Command Commands STATUS USER Command The STATUS USER command retrieves the status (frozen or thawed) of a specified user. Command ZCOM-CMD-STATUS Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-CONTEXT ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
STATUS USER Command Commands • • ZCOM-VAL-SUMSTATE-SUSP (user is frozen) ZCOM-VAL-SUMSTATE-UNKWN (returned when an error occurs) ZSPI-TKN-CONTEXT is a special token that indicates (by its presence or absence) whether or not there are more reply messages. This token is returned only when the request contains a wild-card name and the responses generated will not fit in one buffer. For a description of this token, see the SPI Programming Manual.
STOP Command Commands token is greater than the subsystem version. The error list contains the subsystem version. ZSFG-ERR-SEL-CMPR-INV is returned if an invalid selection expression is specified. STOP Command The STOP command stops the Safeguard subsystem.
STOP Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the STOP request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the STOP SUBSYSTEM command. For the rules about who may manage the Safeguard configuration, see the Safeguard Reference Manual.
SUSPEND ALIAS Command Commands SUSPEND ALIAS Command The SUSPEND ALIAS command suspends (freezes) a user alias authentication record. Command ZCOM-CMD-SUSPEND Object Type ZCOM-OBJ-ALIAS Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
SUSPEND ALIAS Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the SUSPEND request. Normally, this error should not occur, and it should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified alias ZCOM-TKN-OBJNAME does not exist.
SUSPEND PROTECTIONRECORD Command Commands SUSPEND PROTECTIONRECORD Command The SUSPEND PROTECTIONRECORD command suspends (freezes) an object protection record.
SUSPEND PROTECTIONRECORD Command Commands ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the SUSPEND request. Normally, this error should not occur and should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified protection record ZCOM-TKN-OBJNAME does not exist. ZCOM-ERR-OBJNAME-INV is returned if the specified protection record ZCOM-TKN-OBJNAME is invalid.
SUSPEND TERMINAL (LU) Command Commands SUSPEND TERMINAL (LU) Command The SUSPEND TERMINAL (LU) command freezes a terminal definition record so that logon dialog at the terminal becomes disabled.
SUSPEND TERMINAL (LU) Command Commands ZCOM-ERR-VSN-INCOMP is returned when the version of the command is greater than the subsystem version and the command contains unknown tokens, or a field in a structured token is greater than the subsystem version. The error list contains the subsystem version. ZCOM-ERR-SECUR-VIOL is returned if the requestor's process access ID does not have authority to perform the SUSPEND TERMINAL command.
SUSPEND USER Command Commands SUSPEND USER Command The SUSPEND USER command suspends (freezes) a user authentication record. Command ZCOM-CMD-SUSPEND Object Type ZCOM-OBJ-USER Tokens in Command Buffer ZSPI-TKN-MANAGER ZSPI-TKN-MAXRESP ZSPI-TKN-RESPONSE-TYPE ZSPI-TKN-ALLOW-TYPE ZSPI-TKN-COMMENT ZCOM-TKN-OBJNAME ZSPI-TKN-SEL-OPERAND def ZSPI-DDL-SEL-OPERAND 02 ZVALUE-TYPE 02 ZTKNCODE 02 ZINDEX 02 ZFUTURE1 02 ZFUTURE2 02 ZFUTURE3 02 ZFUTURE4 02 ZFUTURE5 end.
SUSPEND USER Command Commands ZCOM-ERR-FS-ERR is returned when a file-system error occurs. The file-system error list describes the file-system error, the file-system procedure, and the file in question. ZCOM-ERR-NO-MEM-SPACE is returned when the Security Manager Process (SMP) cannot obtain memory to service the SUSPEND request. Normally, this error should not occur and should be transient if it does occur. ZCOM-ERR-OBJ-NOT-FOUND is returned if the specified user ZCOM-TKN-OBJNAME does not exist.
8 Event Management This section describes the information that the Safeguard subsystem provides the Event Management Service (EMS) by sending event messages about subsystem events. EMS is part of the Distributed Systems Management (DSM) system. EMS collects, logs, and distributes event messages that contain information to help you monitor the network environment, analyze failures, and recognize and solve critical problems.
Event-Message Filters Event Management • • • • Events related to the operation of a process, such as when it is started, when it is terminated, or when its backup takes over Events that report errors in creating, opening or accessing a file or process Events that report changes to the Safeguard configuration attributes Events that report the details of audit file switches and audit state changes as well as impending critical audit states Event-Message Filters EMS provides the capability of creating prog
Elements of Event Messages for Safeguard Subsystems Event Management -- Send the message on to the application. ELSE FAIL ELSE FAIL ELSE FAIL; END; -- This message concerns some other object. -- This is not a critical event message. -- This is not a SAFEGUARD event message -- of critical^SAFEGUARD/SAFEGUARD^messages. Elements of Event Messages for Safeguard Subsystems Safeguard event messages are made up of special codes called tokens.
Event Numbers Event Management defined by HP, do not begin any names defined in your application with uppercase or lowercase Z. Event Numbers In the Safeguard subsystem, event numbers are represented by symbolic names of the form ZSFG-EVT-name, where name identifies the event. Each event message is assigned a different number. The Safeguard subsystem uses some shared code that is named the common kernel.
Constructs Involving Multiple Tokens Event Management Field Types Field types used by the Safeguard subsystem are SPI standard field types and are represented by symbolic names of the form ZSPI-DDL-name, where name identifies the specific field type. Constructs Involving Multiple Tokens The Safeguard subsystem supports error lists as described in the SPI Programming Manual.
Event-Message Buffers Event Management For example, an application written in COBOL needs these definition files: ZSPIDEF.ZSPICOB SPI definitions ZSPIDEF.ZEMSCOB EMS definitions ZSPIDEF.ZGRDCOB Guardian definitions ZSPIDEF.ZFILCOB File-system definitions ZSPIDEF.ZCOMCOB Data communications definitions ZSPIDEF.ZCMKCOB Common kernel definitions ZSPIDEF.
SPI Standard Definitions in Safeguard Event Messages Event Management Table 8-1. Tokens That Appear in All Event Messages (page 2 of 2) Header Tokens Token Type ZEMS-TKN-PIN ZSPI-TYP-UINT ZEMS-TKN-SYSTEM ZSPI-TYP-UINT ZEMS-TKN-USERID ZSPI-TYP-BYTE-PAIR Data Portion Token Token Type ZEMS-TKN-SUBJECT-MARK ZSPI-TYP-MARK SPI Standard Definitions in Safeguard Event Messages Definitions whose names begin with ZSPI- are SPI standard definitions.
EMS Standard Definitions in Safeguard Event Messages Event Management ZSPI-TKN-SSID contains ZSFG-VAL-SSID, the subsystem ID of the Safeguard subsystem. ZSFGVAL-SSID has this structure: def ZSFG-VAL-SSID TACL SSID. 02 Z-FILLER 02 Z-OWNER 02 Z-NUMBER 02 Z-VERSION type character 8 value is ZSPI-VAL-TANDEM. redefines Z-FILLER type ZSPI-DDL-CHAR8. type ZSPI-DDL-INT value is ZSPI-SSN-ZSFG. type ZSPI-DDL-UINT value is ZSFG-VAL-VERSION. end.
Safeguard Definitions Event Management ZEMS-TKN-CPU contains the CPU number in which the reporting subsystem process is running. ZEMS-TKN-CRTPID contains the CRTPID in which the reporting subsystem process is running. This value is assigned to the name of the process that is generating the event. ZEMS-TKN-GENTIME contains the time when the event occurred. ZEMS-TKN-LOGTIME contains the time when the event was logged. ZEMS-TKN-PIN contains the PIN of the reporting subsystem process.
Safeguard Definitions Event Management Table 8-4. ZSFG Standard Definitions (page 2 of 2) Token Name Token Type ZSFG-TKN-SAFEGUARD-VERSION ZSPI-TYP-STRING ZSFG-TKN-SEEPRPLYINV ZSPI-TYP-ENUM ZSFG-TKN-USERNAME ZSPI-TYP-STRING ZSFG-TKN-AUDITSTATE contains the enumeration identifying the current audit state. ZSFG-TKN-CHANGED-TNM contains the token number identifying a token whose value has been altered. ZSFG-TKN-CURRENTAUDITFILE contains the name of the current audit file in external form.
Safeguard Event Messages Event Management ZSFG-TKN-USERNAME contains the name of the user performing the event. Safeguard Event Messages lists all the event messages that each Safeguard processes described can report. Table 8-5. Safeguard Event Messages (page 1 of 3) Number Symbolic Name (ZSFG-EVT-) Description 1 BAD-TOS-VERSION Safeguard and operating system versions do not match. 2 CREATED-SFG-FILE A Safeguard $vol.SAFE.GUARD file was created, allocated, and secured.
Safeguard Event Messages Event Management Table 8-5. Safeguard Event Messages (page 2 of 3) Number Symbolic Name (ZSFG-EVT-) Description 19 SMON-LOST-SMP A Safeguard monitor process could not communicate with the Safeguard manager process ($ZSMP). 20 CMON-MISSING The $CMON process was not found. 21 VIRT-OBJFILE-DOWN A file-system error occurred during an attempt to access a Safeguard file on a virtual disk. 22 FILE-LOCKED A lock was found on a Safeguard file while processing a request.
Event-Message Descriptions Event Management Table 8-5. Safeguard Event Messages (page 3 of 3) Number Symbolic Name (ZSFG-EVT-) Description 34 PSB-UPDATE-COMPLETE*** Safeguard successfully updated process attributes of user/alias name. 36 HELPER-LOST-SMP A Safeguard helper process could not communicate with the Safeguard manager process ($ZSMP). * Supported only on systems running J06.03 and later J-series RVUs, H06.14 and later H-series RVUs, and G06.32 and later G-series RVUs.
ZSFG-EVT-BAD-TOS-VERSION Event Management The box also contains the text version of the event message. The text version of an event message is available through the EMSTEXT procedure. It contains a standard header that includes the subsystem name, reporting process, and other information. The text shown in the box follows this standard header. For further information on the standard header, refer to the EMS Manual.
ZSFG-EVT-BAD-TOS-VERSION Event Management ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP).
ZSFG-EVT-CREATED-SFG-FILE Event Management Recommended Action Ensure compatible RVUs of the operating system and the Safeguard subsystem. Use the VPROC program to determine the RVU level of the SAFECOM, OSMP, and OSMON processes, and compare with the current operating system RVU. ZSFG-EVT-CREATED-SFG-FILE A Safeguard file was created, allocated, and secured.
ZSFG-EVT-CREATED-SFG-FILE Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard process ($ZSMP or $ZSnn). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-NEWPROCESS Event Management ZSFG-EVT-NEWPROCESS A Safeguard subsystem process (for example, SMON) was started normally. This event is noncritical.
ZSFG-EVT-NEWPROCESS Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZCMP-TKN-XPNAME contains the name of the process that the Safeguard subsystem started.
ZSFG-EVT-STOPPED-PROCESS Event Management ZSFG-EVT-STOPPED-PROCESS A Safeguard subsystem process was stopped normally.
ZSFG-EVT-STOPPED-PROCESS Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CONFIG-CHANGED Event Management ZSFG-EVT-CONFIG-CHANGED A Safeguard configuration attribute has been altered.
ZSFG-EVT-CONFIG-CHANGED Event Management ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP).
ZSFG-EVT-AUDITFILESWITCH Event Management ZCMK-TKN-XFNAME contains the name of the home terminal of the user who made the configuration change. This value corresponds to the value <6> in the text message. Subsystem Action Informational only. Recommended Action None. ZSFG-EVT-AUDITFILESWITCH An audit file rollover occurred. The current audit file was closed, and a new audit file was opened. This event is noncritical.
ZSFG-EVT-AUDITFILESWITCH Event Management ZEMS-TKN-EVENTNUMBER is the event number. Its value is ZSFG-EVT-AUDITFILESWITCH. ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message.
ZSFG-EVT-AUDITSTATES Event Management Recommended Action Depending on the security policy of the site, the file identified by ZSFG-TKNPREVIOUSAUDITFILE is available for backup and then release back to the audit pool. ZSFG-EVT-AUDITSTATES An audit state change occurred as the result of operator action, an audit pool full condition, or a system failure. This event is noncritical.
ZSFG-EVT-AUDITSTATES Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is considered noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-AUDITSTATES Event Management ZSFG-VAL-AUDITSTATE-SUSPENDED indicates that auditing is not active because the Next Pool is not defined and the current pool is full. ZSFG-VAL-AUDITSTATE-DENYGRANTS indicates that auditing is effectively not active because the Next Pool is not defined and the current audit pool is full. Authorization and authentication requests that require auditing will be denied.
ZSFG-EVT-PENDINGAUDITSTATE Event Management ZSFG-EVT-PENDINGAUDITSTATE An audit state change is imminent unless operator action is taken. This event is noncritical.
ZSFG-EVT-PENDINGAUDITSTATE Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-PENDINGAUDITSTATE Event Management ZSFG-VAL-AUDITSTATE-NEXTPOOL0 indicates that auditing is active but the Next Pool is not defined. ZSFG-VAL-AUDITSTATE-RECYCLING indicates that auditing is active; the Next Pool is not defined; and because the audit pool is full, audit files are being recycled on an as-needed basis. ZSFG-VAL-AUDITSTATE-SUSPENDED indicates that auditing is not active because the Next Pool is not defined and the current pool is full.
ZSFG-EVT-CRITICALAUDITSTATE Event Management ZSFG-EVT-CRITICALAUDITSTATE An audit state change is imminent. It will result in: recycling audit files, suspending audit, or denying grants. This event is noncritical.
ZSFG-EVT-CRITICALAUDITSTATE Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-CRITICALAUDITSTATE Event Management ZSFG-TKN-PENDINGAUDITSTATE and ZSFG-TKN-AUDITSTATE contain one of these values: ZSFG-VAL-AUDITSTATE-NEXTPOOL0 indicates that auditing is active but the Next Pool is not defined. ZSFG-VAL-AUDITSTATE-RECYCLING indicates that auditing is active; the Next Pool is not defined; and because the audit pool is full, audit files are being recycled on an as need basis.
ZSFG-EVT-FILERELEASED Event Management ZSFG-EVT-FILERELEASED An audit file was released (purged and re-created) because of a RELEASE command. This event is noncritical.
ZSFG-EVT-FILERELEASED Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-FILERECYCLED Event Management ZSFG-EVT-FILERECYCLED An audit file was recycled in order to satisfy an audit rollover. This event is noncritical.
ZSFG-EVT-FILERECYCLED Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZSFG-TKN-PREVIOUSAUDITFILE contains the external name of the audit file that was recycled.
ZSFG-EVT-BAD-SMON-NAME Event Management ZSFG-EVT-BAD-SMON-NAME An SMON was started with a process name other than $ZSnn (where nn is the CPU number). This event is critical.
ZSFG-EVT-BAD-SMON-NAME Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-TRUE, indicating that this event is critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. Subsystem Action OSMON is not started. The process is not run. Recommended Action Use the correct process name.
ZSFG-EVT-UNUSABLE-SFG-FILE Event Management ZSFG-EVT-UNUSABLE-SFG-FILE A Safeguard file with an unexpected attribute (file type or file code) has been found. This event is critical.
ZSFG-EVT-UNUSABLE-SFG-FILE Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-TRUE, indicating that this event is critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZCMK-TKN-XFNAME is the name of the Safeguard file in error.
ZSFG-EVT-PROC-FAILURE Event Management Recommended Action Rename or purge the file in error, and restart the Safeguard software. ZSFG-EVT-PROC-FAILURE The event-exit process terminated abnormally. This event is noncritical.
ZSFG-EVT-PROC-FAILURE Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-PROC-CHANGED Event Management ZSFG-EVT-PROC-CHANGED An event-exit process configuration token was changed. This event is noncritical.
ZSFG-EVT-PROC-CHANGED Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-PROC-KILL Event Management ZCMK-TKN-XFNAME contains the name of the home terminal of the user who made the configuration change. This value corresponds to the value <7> in the text message. Subsystem Action This message is informational only. Recommended Action None. ZSFG-EVT-PROC-KILL The Safeguard SMP detected a running process with the same process name as an enabled event-exit process. The SMP is attempting to kill the process. This event is noncritical.
ZSFG-EVT-PROC-KILL Event Management ZEMS-TKN-EVENTNUMBER is the event number. Its value is ZSFG-EVT-PROC-KILL. ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP).
ZSFG-EVT-EXIT-REPLY-ERROR Event Management ZSFG-EVT-EXIT-REPLY-ERROR The event-exit process returned an error in the message header. This error indicates that the event-exit process had a problem with the request. This event is noncritical.
ZSFG-EVT-EXIT-REPLY-ERROR Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-EXIT-REPLY-INV Event Management ZSFG-EVT-EXIT-REPLY-INV The event-exit process returned an invalid message reply. The message header or reply data was invalid. This event is noncritical.
ZSFG-EVT-EXIT-REPLY-INV Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-EXIT-REPLY-INV Event Management ZSFG-VAL-SEEPRPLYINV-CHLLNGOB indicates the challenge was too long (out of bounds). ZSFG-VAL-SEEPRPLYINV-PWDRSPOB indicates the password response error message was too long. ZSFG-VAL-SEEPRPLYINV-VERSION indicates the event-exit process was not capable of understanding this message version. ZSFG-VAL-SEEPRPLYINV-PWDRTNOB indicates the password returned was too long (out of bounds). ZSFG-VAL-SEEPRPLYINV-PWDRTNEB indicates the password returned had embedded blanks.
ZSFG-EVT-SMON-LOST-SMP Event Management ZSFG-EVT-SMON-LOST-SMP A Safeguard monitor process cannot determine the next audit file to use because the $ZSMP process is not responding to the request. This event is noncritical.
ZSFG-EVT-SMON-LOST-SMP Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CMON-MISSING Event Management ZSFG-EVT-CMON-MISSING The $ZSMP process attempted to communicate with the $CMON process because the Safeguard configuration setting instructed it to do so. But a process named $CMON could not be found. This event is noncritical.
ZSFG-EVT-CMON-MISSING Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. Subsystem Action The Safeguard subsystem recovers from this communication failure based on its configuration setting for CMONERROR.
ZSFG-EVT-VIRT-OBJFILE-DOWN Event Management ZSFG-EVT-VIRT-OBJFILE-DOWN A file-system error was returned on an attempt to access a Safeguard system file on a virtual disk. This event is noncritical.
ZSFG-EVT-VIRT-OBJFILE-DOWN Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard monitor process ($ZSnn, where nn is the CPU number). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-FILE-LOCKED Event Management Messages” in the Operator Messages Manual.) The error might be on the physical disk indicated by ZFIL-TKN-XFILENAME in this message. ZSFG-EVT-FILE-LOCKED A lock ws detected when the Safeguard monitor process attempted to access the Safeguard system file USERID or LUSERID, or either of these file’s records. The lock can be placed by either the Safeguard manager process or some other process.
ZSFG-EVT-FILE-LOCKED Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-SEGALLOC-ERR Event Management Subsystem Action The Safeguard monitor process reads through the lock and prints an EMS message. Recommended Action None. ZSFG-EVT-SEGALLOC-ERR The pattern cache encountered a segment allocation error.
ZSFG-EVT-SEGALLOC-ERR Event Management ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual.
ZSFG-EVT-POOLDEFINE-ERR Event Management Recommended Action Follow the recovery action given for the underlying file system error (SEGMENT_ALLOCATE_). Possible recovery may include increasing the amount of free space on the volume; using NSKCOM to specify swap space; or increasing swap space. Use the information provided in the EMS message from <2> and <3>, and compare that information with the SEGMENT_ALLOCATE_ of the Guardian Procedure Calls Reference Manual for guidance on proper recovery.
ZSFG-EVT-POOLDEFINE-ERR Event Management ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message. ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP).
ZSFG-EVT-POOLGETSPACE-ERR Event Management Subsystem Action A file system error occurred while designating a memory pool with the POOL_DEFINE_ procedure in the flat segment. All pattern matching requests will be handled using file system I/O rather than using the application cache. Recommended Action Follow the recovery action given for the underlying file system error (POOL_DEFINE_). This error is not likely to occur, as most errors are caused by programmatic problems, not system resource problems.
ZSFG-EVT-POOLGETSPACE-ERR Event Management ZEMS-TKN-EVENTNUMBER is the event number. Its value is ZSFG-EVT-FILE-LOCKED. ZEMS-TKN-SUBJECT-MARK marks the token that follows it in the event-message buffer as the subject of the event message. In this message, the subject token is ZCOM-TKN-SUBJ-PROC. ZCOM-TKN-SUBJ-PROC is the name of the Safeguard Manager Process ($ZSMP). The value of this token corresponds to the value <1> in the text message.
ZSFG-EVT-POOLGETSPACE-ERR Event Management ZSFG-POOL-ADDR is the pool address. This value corresponds to the value <6> in the text message. Subsystem Action A file system error occurred while requesting space from the memory pool. All pattern matching requests will be handled using file system I/O rather than using the application cache. Recommended Action Follow the recovery action given for the underlying file system error (POOL_GETSPACE_).
ZSFG-EVT-MAX-LIMIT-CON-UA-REQ Event Management ZSFG-EVT-MAX-LIMIT-CON-UA-REQ Indicates the maximum number of concurrent USER_AUTHENTICATE_ requests that can be serviced.
ZSFG-EVT-MAX-LIMIT-CON-UA-REQ Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZSFG-TKN-MAX-CON-UA-REQ contains the maximum number of concurrent USER_AUTHENTICATE_ requests that can be serviced.
ZSFG-EVT-MAX-CON-UA-REQ-EXCEED Event Management ZSFG-EVT-MAX-CON-UA-REQ-EXCEED The maximum limit for concurrent USER_AUTHENTICATE_ requests was exceeded.
ZSFG-EVT-MAX-CON-UA-REQ-EXCEED Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZSFG-TKN-MAX-CON-UA-REQUESTS contains the number of concurrent USER_AUTHENTICATE_ requests at the time the maximum limit was exceeded.
ZSFG-EVT-THRESHOLD-CON-UA-REQ Event Management ZSFG-EVT-THRESHOLD-CON-UA-REQ This event occurs when the current number of concurrent USER_AUTHENTICATE_ requests exceeds 80%, 85%, 90%, or 95% of the maximum limit. It indicates the current number of concurrent USER_AUTHENTICATE_ requests and the percentage that was exceeded (80%, 85%, 90%, or 95%).
ZSFG-EVT-THRESHOLD-CON-UA-REQ Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CONUA-BELOW-THRESHOLD Event Management ZSFG-EVT-CONUA-BELOW-THRESHOLD Indicates that the current number of concurrent USER_AUTHENTICATE_ requests is below the threshold of 80% of the maximum limit for concurrent USER_AUTHENTICATE_ requests.
ZSFG-EVT-CONUA-BELOW-THRESHOLD Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-INSUFFICIENT-OBI-SIZE Event Management ZSFG-EVT-INSUFFICIENT-OBI-SIZE Indicates that initialization of Safeguard processes failed due to insufficient memory available in the system global region.
ZSFG-EVT-INSUFFICIENT-OBI-SIZE Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-CONFIG-EXLVAL Event Management ZSFG-EVT-CONFIG-EXLVAL Indicates that a Safeguard configuration attribute has been altered.
ZSFG-EVT-CONFIG-EXLVAL Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not considered critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
ZSFG-EVT-BAD-HELPER-NAME Event Management ZSFG-EVT-BAD-HELPER-NAME Indicates that the Safeguard helper process was started with a process name other than $ZSTnn (where, nn is the CPU number).
ZSFG-EVT-BAD-HELPER-NAME Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-TRUE, indicating that this event is critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. Subsystem Action The Safeguard helper process does not start. The process is not run. Recommended Action Use the correct process name. Note.
ZSFG-EVT-BAD-PSB Event Management ZSFG-EVT-BAD-PSB Indicates that an error occurred while updating the process attributes of .
ZSFG-EVT-BAD-PSB Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZEMS-TKN-USERNAME contains the user or alias name whose process attributes have been altered.
ZSFG-EVT-PSB-UPDATE-COMPLETE Event Management ZSFG-EVT-PSB-UPDATE-COMPLETE Indicates that Safeguard successfully updated the process attributes of .
ZSFG-EVT-PSB-UPDATE-COMPLETE Event Management ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is not critical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual. ZEMS-TKN-USERNAME contains the user or alias name whose process attributes have been altered.
ZSFG-EVT-HELPER-LOST-SMP Event Management ZSFG-EVT-HELPER-LOST-SMP A Safeguard helper process is not able to determine the next audit file to use because the $ZSMP process is not responding to the request. This event is noncritical.
Event Management ZSPI-TKN-MANAGER is the name of the Safeguard Manager Process ($ZSMP). ZEMS-TKN-EMPHASIS contains the value ZSPI-VAL-FALSE, indicating that this event is noncritical. ZEMS-TKN-CONSOLE-PRINT contains the value ZSPI-VAL-TRUE. See the EMS Manual. ZEMS-TKN-CPU ZEMS-TKN-CRTPID ZEMS-TKN-GENTIME ZEMS-TKN-LOGTIME ZEMS-TKN-PIN ZEMS-TKN-SYSTEM ZEMS-TKN-USERID are standard EMS tokens. See the EMS Manual.
A Error Numbers and Error Lists This appendix lists the Safeguard error numbers and describes the corresponding error lists. Symbolic names for errors begin with ZSFG-ERR-. The Safeguard software returns an error list in the response buffer when it detects an error in the command syntax or command execution. Each error list begins with ZSPITKN-ERRLIST and ends with ZSPI-TKN-ENDLIST. The Safeguard software also sets the return token ZSPI-TKN-RETCODE to the error number to identify the error list.
Error Numbers and Error Lists Error-List Descriptions Error-List Descriptions The Safeguard error lists are described on the following pages.
Error Numbers and Error Lists 22 ZSFG-ERR-AUDITPOOL-NOTCURRENT 23 ZSFG-ERR-AUDITPOOL-CURRENT 24 ZSFG-ERR-AUDITPOOL-NEXT 25 ZSFG-ERR-AUDITPOOL-DIRTY 26 ZSFG-ERR-LU-INUSE 27 ZSFG-ERR-MAX-LUS-DEFINED 28 ZSFG-ERR-CANT-START-CI 29 ZSFG-ERR-ALIASGUARDIANID 30 ZSFG-ERR-ALIASGUARDNAME 31 ZSFG-ERR-ORPHANEDALIAS 32 ZSFG-ERR-GUARDALIASNAME 33 ZSFG-ERR-SEEP-AUTHN-BUSY 34 ZSFG-ERR--SEEP-AUTHZ-BUSY 35 ZSFG-ERR--SEEP-PSWD-BUSY 36 ZSFG-ERR-GROUP-MEMBERS 37 ZSFG-ERR-GROUP-DERIVED 38 ZSFG-ER
Error Numbers and Error Lists 48 ZSFG-ERR-MAX-PROC-EXCEEDED 49 ZSFG-ERR-PROGFILE-NULL 50 ZSFG-ERR-PROGFILE-REQUIRED 51 ZSFG-ERR-PROC-ENABLED 52 ZSFG-ERR-PSWD-QUAL-DENIED 53 ZSFG-ERR-PSWD-QUAL-REJECT 54 ZSFG-ERR-GROUP-SECVIOL 55 ZSFG-ERR-MEMBER-UPDATE 56 ZSFG-ERR-NO-MEMBER-UPDATE 57 ZSFG-ERR-SEL-CMPR-INV 58 ZSFG-ERR-USERID-EXISTS 59 ZSFG-ERR-SEEP-ALREADY-DEFINED 60 ZSFG-ERR-OWNER-NOTSPECIFIED 61 ZSFG-ERR-WARNMODE-OBJTYPE 62 ZSFG-ERR-PAT-BAD-VOLNAME 63 ZSFG-ERR-PAT-MISSING-ALL
Error Numbers and Error Lists 72 ZSFG-ERR-ACL-AUTHORITY-INVALID * 73 ZSFG-ERR-SECURITY-GROUP-INV * 74 ZSFG-ERR-PSWD-MINLEN-GT-MAXLEN 1 75 ZSFG-ERR-PSWD-MINLEN-DES-CLR 1 76 ZSFG-ERR-PSWD-MAXLEN-TOO-BIG 1 77 ZSFG-ERR-PSWD-MAXLEN-TOO-SMALL 1 78 ZSFG-ERR-PSWD-ATTRIB-NEED-HMAC & 79 ZSFG-ERR-PSWD-MAXLEN-LESS-MINLEN & 80 ZSFG-ERR-PSWD-LONG & 81 ZSFG-ERR-COMP-MODE & 82 ZSFG-ERR-PSWD-QUAL-NEED-HMAC 2 83 ZSFG-ERR-PSWD-SPACE-NEED-CMOFF 2 84 ZSFG-ERR-PSWD-MIN-QUAL 2 85 ZSFG-ERR-PSWD-INVALID-
Error Numbers and Error Lists 96 ZSFG-ERR-GROUP-MEMBER-RESTRICT5 97 ZSFG-ERR-CHECK-PROC-MAX-EXCEED6 98 ZSFG-ERR-CHECK-PROC-INVALID6 99 ZSFG-ERR-DISKOWNCHGPROGNOSET7 100 ZSFG-ERR-DISKFILEOWNCHG7 Error-List Descriptions @ Supported only on systems running G06.27 and later G-series RVUs and H06.03 and later H-series RVUs. ^ Supported only on systems running G06.27 and later G-series RVUs and H06.07 and later H-series RVUs. * Supported only on systems running G06.29 and later G-series RVUs and H06.
ZSFG-ERR-SMALLUSERIDFILE Error Numbers and Error Lists ZSFG-ERR-SMALLUSERIDFILE An attempt was made to add default protection for a user, but the user ID file's record size was too small to support default protection. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-INTERNAL Error Numbers and Error Lists step with a system load. If the Safeguard subsystem is not included with system generation, either perform a system load or perform these steps: 1. Stop and start the Safeguard software. 2. Use the PUP DOWN command to bring down all Expand line handlers, and then use PUP UP to bring up all Expand line handlers. 3. Check to determine if any other processes that open the USERID file have not switched: 4> fup listopens $SYSTEM.SYSTEM.
Error Numbers and Error Lists ZSFG-TKN-SFG-ERR is a further definition of the internal error. Probable Cause A programming problem occurred within the Safeguard software. Recommended Action Contact your HP representative.
ZSFG-ERR-SUBJGROUPNUM Error Numbers and Error Lists ZSFG-ERR-SUBJGROUPNUM An attempt was made to ADD USER with a group number in conflict with the existing group name and number. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-SQLOBJECT Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSUBJGROUPNAME. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-LICENSENONOBJ Error Numbers and Error Lists Probable Cause An attempt was made to add protection for an SQL disk file. The Safeguard software does not support SQL objects. Recommended Action Consider securing the data base by protecting SUBVOLUMEs or VOLUMEs. ZSFG-ERR-LICENSENONOBJ An attempt was made to license a disk file that was not an object file.
ZSFG-ERR-PROGIDNONOBJ Error Numbers and Error Lists ZSFG-ERR-PROGIDNONOBJ An attempt was made to set the PROGID for a disk file that was an object file. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-SYS-NOT-FOUND Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRMAX-ACL-EXCEEDED. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-ORPHANED-ACL Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause During an ADD REMOTEPASSWORD command, the specified system is not part of the network. Recommended Action Correct the system name portion of the object name. ZSFG-ERR-ORPHANED-ACL An attempt was made to add or alter protection, with the resulting ACL denying all owners access.
ZSFG-ERR-NONPERSIST Error Numbers and Error Lists ZSFG-ERR-NONPERSIST An attempt was made to perform the ALTER PROTECTION DISKFILE command, with the PERSISTENT attribute off, but the file did not exist. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-PSWD-DUPLICATE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRPSWD-TOO-SOON. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-TOO-SHORT Error Numbers and Error Lists Probable Cause An attempt was made to perform the ALTER USER command, specifying the password attribute. The new password was found in the password history. Recommended Action Select a new password that is not in the password history. ZSFG-ERR-PSWD-TOO-SHORT An attempt was made to perform the ALTER USER command, specifying the password attribute. The new password was shorter than the Safeguard attribute PASSWORD-MINIMUM-LENGTH.
ZSFG-ERR-VOL-NONEXISTENT Error Numbers and Error Lists ZSFG-ERR-VOL-NONEXISTENT An attempt was made to perform the ADD PROTECTION DISKFILE command, and the volume in question does not exist, or an attempt was made to add or alter some attribute to a nonexistent volume.
ZSFG-ERR-AUDITFILE-MISSING Error Numbers and Error Lists ZSFG-ERR-AUDITFILE-MISSING An attempt was made to perform the RELEASE AUDIT FILE (FILESET) command, but the audit file in question did not exist. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-AUDITFILE-RLSED Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRAUDITFILE-FOREIGN. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-AUDITFILE-RLSED Error Numbers and Error Lists Probable Cause An attempt was made to perform the RELEASE AUDIT FILE (FILESET) command, but the audit file had already been released. Recommended Action If necessary, change the reference to the correct audit file ZSFG-ERR-AUDITFILEINUSE An attempt was made to perform the RELEASE AUDIT FILE (FILESET) command, but the audit file was already in use.
ZSFG-ERR-AUDITPOOL-FULL Error Numbers and Error Lists ZSFG-ERR-AUDITPOOL-FULL An attempt was made to perform the NEXTFILE (SWITCH FILESET) command, but the audit pool had no available audit files. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-AUDITPOOL-NOTCURRENT Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRAUDITPOOL-MISSING. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-AUDITPOOL-CURRENT Error Numbers and Error Lists Probable Cause An attempt was made to execute NEXTFILE (SWITCH FILESET) when the audit pool referenced was not the current audit pool. Recommended Action Change the value of ZCOM-TKN-OBJNAME to that for the current audit pool. You can give it a value of null, which indicates the current audit pool.
ZSFG-ERR-AUDITPOOL-NEXT Error Numbers and Error Lists ZSFG-ERR-AUDITPOOL-NEXT An attempt was made to perform the ALTER SUBSYS command specifying the CURRENT audit pool attribute, when the audit pool in question was already in use as the NEXT audit pool.
ZSFG-ERR-LU-INUSE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRAUDITPOOL-DIRTY. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-MAX-LUS-DEFINED Error Numbers and Error Lists Probable Cause An attempt was made to perform the DELETE TERMINAL (LU) command when the terminal definition in question was in the THAWED state. Recommended Action Perform a FREEZE TERMINAL prior to the DELETE TERMINAL. ZSFG-ERR-MAX-LUS-DEFINED An attempt was made to ADD TERMINAL (LU) when the maximum number of terminals have already been defined.
ZSFG-ERR-CANT-START-CI Error Numbers and Error Lists ZSFG-ERR-CANT-START-CI A command interpreter cannot be started. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZCMK-TKN-NPERR ZCMK-TKN-NPERR ZCMK-TKN-PROC-ORD ZSPI-TKN-ENDLIST token token token token token token token type type type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-INT ZSPI-TYP-INT ZSPI-TYP-ENUM ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-ALIASGUARDIANID Error Numbers and Error Lists ZSFG-ERR-ALIASGUARDIANID An attempt was made to perform the ADD ALIAS command when the specified USERID token does not exist. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-ORPHANEDALIAS Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRALIASGUARDNAME. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-GUARDALIASNAME Error Numbers and Error Lists Probable Cause An attempt was made to perform the DELETE USER command when the user has aliases defined for it. Recommended Action Delete all aliases for the user before attempting to delete the user. ZSFG-ERR-GUARDALIASNAME An attempt was made to perform the ADD USER command when the user name already exists as an alias.
ZSFG-ERR-SEEP-AUTHN-BUSY Error Numbers and Error Lists ZSFG-ERR-SEEP-AUTHN-BUSY An attempt was made to enable the event-exit process for authentication when another event-exit process has already been enabled for authentication.
ZSFG-ERR-SEEP-PSWD-BUSY Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSEEP-AUTHZ-BUSY. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZCMK-TKN-XPNAME is the process name of the event-exit process.
ZSFG-ERR-GROUP-MEMBERS Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZCMK-TKN-XPNAME is the process name of the event-exit process. This token is always present in the error list. Probable Cause An attempt was made to enable the event-exit process for password quality when another event-exit process has already been enabled for password quality.
ZSFG-ERR-GROUP-DERIVED Error Numbers and Error Lists Recommended Action Use ALTER GROUP to remove all members before attempting to delete the group. ZSFG-ERR-GROUP-DERIVED An attempt was made to remove a member from a group when the group is the member’s administrative group.
ZSFG-ERR-GROUP-PRIMARY Error Numbers and Error Lists ZSFG-ERR-GROUP-PRIMARY An attempt was made to alter a user or alias and set the primary group to a group to which the user or alias does not belong.
ZSFG-ERR-GROUP-MAX Error Numbers and Error Lists ZSFG-ERR-GROUP-MAX An attempt was made add a member to group when the member already belongs to the maximum number of groups. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSFG-TKN-GROUPNAME ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-GROUP-NAME-NOTFOUND Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRGROUP-ID-NOTFOUND. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZSFG-TKN-GROUPID is the group ID of the group.
ZSFG-ERR-PRI-GROUP-NOTFOUND Error Numbers and Error Lists ZSFG-TKN-GROUPNAME is the name of the group. This token is always present in the error list. Probable Cause An internal error occurred while you were attempting to update a member’s group list. Recommended Action Contact your HP representative. ZSFG-ERR-PRI-GROUP-NOTFOUND An internal error occurred while you were attempting to update a member’s primary group.
ZSFG-ERR-GROUP-ID-EXISTS Error Numbers and Error Lists ZSFG-ERR-GROUP-ID-EXISTS An attempt was made to perform ADD GROUP, but the group number already exists. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSFG-TKN-GROUPID ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-INT2 ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-CANT-START-PROCESS Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRGROUP-NAME-EXISTS. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZSFG-TKN-GROUPNAME is the name of the group.
ZSFG-ERR-MAX-PROC-EXCEEDED Error Numbers and Error Lists ZCMK-TKN-NPERR is the PROCESS_CREATE_ error code, in two parts, identifying the error. This token is always present in the error list. ZCMK-TKN-PROC-ORD is the procedure ordinal for PROCESS_CREATE_. This token is always present in the error list. Probable Cause PROCESS_CREATE_ returned an error in an attempt to start the event-exit process. Recommended Action Varies depending on the nature of the error.
ZSFG-ERR-PROGFILE-NULL Error Numbers and Error Lists Probable Cause An attempt was made to perform ADD PROCESS, but the maximum number is already defined. Recommended Action Delete an event-exit process before adding a new one. ZSFG-ERR-PROGFILE-NULL An attempt was made to perform ALTER PROCESS to clear the program file name, but the process is enabled.
ZSFG-ERR-PROGFILE-REQUIRED Error Numbers and Error Lists ZSFG-ERR-PROGFILE-REQUIRED An attempt was made to enable the event-exit process, but no program file name has been defined. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-PARM-ERROR ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-PARM-ERR ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-PSWD-QUAL-DENIED Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRPROC-ENABLED. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-QUAL-REJECT Error Numbers and Error Lists Recommended Action Troubleshoot the event-exit process. ZSFG-ERR-PSWD-QUAL-REJECT The event-exit process rejected as invalid a password that was sent to it.
ZSFG-ERR-GROUP-SECVIOL Error Numbers and Error Lists ZSFG-ERR-GROUP-SECVIOL An internal error occurred while you were attempting to add to a member’s group list. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSFG-TKN-GROUPNAME ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-NO-MEMBER-UPDATE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRMEMBER-UPDATE. This token is always present in the error list. The ZSPI-TKN-ERROR token in the nested error list provides additional details about this event. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred.
ZSFG-ERR-SEL-CMPR-INV Error Numbers and Error Lists The ZSPI-TKN-ERROR token in the nested error list provides additional details about this event. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause An attempt to add or remove one or more members failed because the group list could not be updated. A common problem is lack of available memory. Recommended Action Correct the indicated problem.
ZSFG-ERR-USERID-EXISTS Error Numbers and Error Lists Recommended Action Specify a valid selection expression. ZSFG-ERR-USERID-EXISTS An attempt was made to perform ADD USER, but the specified user ID already exists.
ZSFG-ERR-SEEP-ALREADY-DEFINED Error Numbers and Error Lists ZSFG-ERR-SEEP-ALREADY-DEFINED An attempt was made to add an event-exit-process with a process name that is already in use by another event exit-process.
ZSFG-ERR-WARNMODE-OBJTYPE Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSMALLUSERIDFILE. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PAT-BAD-VOLNAME Error Numbers and Error Lists Probable Cause The warning-mode attribute was specified for an object that is not a disk file, subvolume, volume, subdevice, device, subprocess, or process. Recommended Action Specify the correct type of object, or omit the warning-mode attribute. ZSFG-ERR-PAT-BAD-VOLNAME An ADD command was specified and the volume name of a pattern contained a wildcard.
ZSFG-ERR-PAT-MISSING-ALL Error Numbers and Error Lists ZSFG-ERR-PAT-MISSING-ALL The volume name of a pattern contained a wildcard, the command specified was ALTER/DELETE/FREEZE/INFO/LISTOBJECTS/THAW, or no token ZCOM-TKN-SUB with a ZCOM-VAL-SUB-ALL value was present.
ZSFG-ERR-MAX-CONUAREQ-EXCEEDED Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSMALLUSERIDFILE. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-TRUSTNONOBJ Error Numbers and Error Lists Recommended Action Note. This error token is supported only on systems running G06.27 and later G-series RVUs and H-series RVUs. When the maximum limit for concurrent USER_AUTHENTICATE_ requests is reached, wait at least two minutes before issuing the next request. ZSFG-ERR-TRUSTNONOBJ An attempt was made to assign a value to the TRUST attribute of a disk file that is not an object file.
ZSFG-ERR-MAX-OWN-EXCEEDED Error Numbers and Error Lists ZSFG-ERR-MAX-OWN-EXCEEDED An attempt to add or alter a user or alias record failed because the number of owners in the resulting OWNER-LIST would have exceeded the maximum allowed by Safeguard.
ZSFG-ERR-OWNER-LIST-INV-OWNER Error Numbers and Error Lists ZSFG-ERR-OWNER-LIST-INV-OWNER An attempt to add or alter a user or alias record specified a nonexistent user. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYPE-STRING ZSPI-TYPE-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-OBJECTFCB-DIR-FULL Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRDESC-TEXTDATA-INVALID. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PATOBJECTFCB-DIR-FULL Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause Safeguard cannot open more than 1000 SAFE.GUARD files. Any attempt to issue commands like ADD or INFO that makes Safeguard to open more than 1000 SAFE.GUARD files residing on different disks (including virtual disks), returns this error. Recommended Action None Note.
Error Numbers and Error Lists ZSFG-ERR-ACL-AUTHORITY-INVALID Recommended Action None Note. This error token is supported only on systems running G06.29 and later G-series RVUs and H06.08 and later H-series RVUs. ZSFG-ERR-ACL-AUTHORITY-INVALID An attempt was made to specify the ACL authority for security group.
ZSFG-ERR-PSWD-MINLEN-GT-MAXLEN Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRSECURITY-GROUP-INV. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-MINLEN-DES-CLR Error Numbers and Error Lists ZSFG-TKN-PSWD-MIN-LENGTH is the minimum length of the password. ZSFG-TKN-PSWD-MAX-LENGTH is the maximum length of the password. Probable Cause The PASSWORD-MINIMUM-LENGTH specified is greater than the PASSWORD-MAXIMUM-LENGTH. Recommended Action The PASSWORD-MINIMUM-LENGTH should be less than or equal to the PASSWORD-MAXIMUM-LENGTH. Note. This error token is supported only on systems running G06.31 and later G-series RVUs and H06.
ZSFG-ERR-PSWD-MAXLEN-TOO-BIG Error Numbers and Error Lists ZSFG-TKN-PSWD-MIN-LENGTH is the minimum length of the password. Probable Cause The PASSWORD-MINIMUM-LENGTH specified is greater than eight when PASSWORD-ALGORITHM is DES and PASSWORD-ENCRYPT is OFF. Recommended Action The PASSWORD-ALGORITHM should be HMAC256 and the PASSWORD-ENCRYPT should be ON. Note. This error token is supported only on systems running G06.31 and later G-series RVUs and H06.08 and later H-series RVUs.
Error Numbers and Error Lists ZSFG-ERR-PSWD-MAXLEN-TOO-SMALL Probable Cause An attempt was made to change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value greater than 64. Recommended Action Change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value lesser than or equal to 64. Note. This error token is supported only on systems running G06.31 and later G-series RVUs and H06.08 and later H-series RVUs.
ZSFG-ERR-PSWD-ATTRIB-NEED-HMAC Error Numbers and Error Lists Recommended Action Change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value greater than or equal to eight. Note. This error token is supported only on systems running G06.31 and later G-series RVUs and H06.08 and later H-series RVUs. ZSFG-ERR-PSWD-ATTRIB-NEED-HMAC An attempt was made to change the Safeguard attribute PASSWORD-MAXIMUM-LENGTH, when PASSWORD-ALGORITHM is DES and PASSWORD-ENCRYPT is OFF.
Error Numbers and Error Lists ZSFG-ERR-PSWD-MAXLEN-LESS-MINLEN Recommended Action The PASSWORD-ALGORITHM should be HMAC256 and PASSWORD-ENCRYPT should be ON. Note. This error token is supported only on systems running G06.31 and later G-series RVUs and H06.08 and later H-series RVUs. ZSFG-ERR-PSWD-MAXLEN-LESS-MINLEN An attempt was made to change the value of the Safeguard attribute PASSWORD-MAXIMUM-LENGTH to a value less than PASSWORD-MINIMUM-LENGTH.
ZSFG-ERR-PSWD-LONG Error Numbers and Error Lists Recommended Action The Safeguard attribute PASSWORD-MAXIMUM-LENGTH should be greater than or equal to PASSWORD-MINIMUM-LENGTH. Note. This error token is supported only on systems running G06.31 and later G-series RVUs and H06.08 and later H-series RVUs. ZSFG-ERR-PSWD-LONG An attempt was made to change or set the password to a length greater than the value specified by the PASSWORD-MAXIMUM-LENGTH.
ZSFG-ERR-COMP-MODE Error Numbers and Error Lists ZSFG-ERR-COMP-MODE An attempt was made to change or set the password to a length greater than eight characters, when PASSWORD-COMPATIBILITY-MODE is set to ON. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
Error Numbers and Error Lists ZSFG-ERR-PSWD-SPACE-NEED-CMOFF Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERR-PSWD-QUAL-NEED-HMAC. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-PSWD-MIN-QUAL Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause An attempt was made to change or set the attribute PASSWORD-SPACE-ALLOWED, when PASSWORD-ALGORITHM is DES PASSWORD-ENCRYPT is OFF, or PASSWORD-COMPATIBILITY-MODE is ON.
ZSFG-ERR-PSWD-INVALID-PASS Error Numbers and Error Lists Probable Cause An attempt was made to change or set the attribute PASSWORD-MIN-QUALITY-REQUIRED to a value greater than the number of individual password quality attributes set to ON, or an attempt was made to alter any password quality attribute to OFF, such that the number of individual password quality attributes set to ON is greater than the value of the attribute PASSWORD-MINQUALITY-REQUIRED.
ZSFG-ERR-PSWD-EMBEDDED-SPACE Error Numbers and Error Lists Recommended Action The password must not contain comma (,), semicolon (;), or quote (“). Aliasname and corresponding password must not be in the form (< gid>, < uid>). Note. This error token is supported only on systems running G06.31 and later G-series RVUs and H06.09 and later H-series RVUs. Note. Safeguard returns error if the alias name and password contain only numeric characters and are in the form (< gid>,< uid>).
ZSFG-ERR-PSWD-CRIT-FAIL Error Numbers and Error Lists ZSFG-ERR-PSWD-CRIT-FAIL The password supplied do not meet the minimum password quality criteria. ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
Error Numbers and Error Lists ZSFG-ERR-PRIVLGNNONOBJ Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERR-PSWD-DUPLICATE-TKN. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list.
ZSFG-ERR-AUDEXCLUDE-MAX-EXCEED Error Numbers and Error Lists Probable Cause An attempt was made to set the PRIV-LOGON attribute to ON for a disk file that is not an object file. Recommended Action None Note. This error token is supported only on systems running H06.11 and later H-series RVUs and G06.32 and later G-series RVUs.
ZSFG-ERR-AUDEXCLUDE-NEED-BOTH Error Numbers and Error Lists ZSFG-ERR-AUDEXCLUDE-NEED-BOTH ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRAUDEXCLUDE-NEED-BOTH. This token is always present in the error list.
ZSFG-ERR-GROUP-NUMBER-RESTRICT Error Numbers and Error Lists ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. Probable Cause The values specified by the attribute AUDIT-EXCLUDE-VALUE are not valid for the fieldname specified by AUDIT-EXCLUDE-FIELD. Recommended Action Specify values for the attribute AUDIT-EXCLUDE-VALUE that are valid for the fieldname set by the attribute AUDIT-EXCLUDE-FIELD. Note.
ZSFG-ERR-GROUP-NAME-RESTRICTED Error Numbers and Error Lists Recommended Action To add restricted group, specify the correct group name. To add a file sharing group, specify the group numbers within the range, that is, from 0 through 65535. Note. This error token is supported only on systems running J06.08 and later J-series RVUs and H06.18 and later H-series RVUs.
ZSFG-ERR-GROUP-NUMBER-RESERVED Error Numbers and Error Lists ZSFG-ERR-GROUP-NUMBER-RESERVED ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSFG-TKN-GROUPID ZSPI-TKN-ENDLIST token token token token token type type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-INT2 ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRGROUP-NUMBER-RESERVED.
ZSFG-ERR-CHECK-PROC-MAX-EXCEED Error Numbers and Error Lists Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRGROUP-MEMBER-RESTRICT. This token is always present in the error list. ZCOM-TKN-OBJNAME is the first object name provided with the command on which the error occurred. This token is always present in the error list. ZSFG-TKN-GROUPNAME is the name of the group.
ZSFG-ERR-CHECK-PROC-INVALID Error Numbers and Error Lists ZSFG-TKN-MAX-CHECKPROCESSVAL is the maximum number of values that can be specified for the field CHECKPROCESS-OPERATION. Probable Cause An attempt was made to set more than three values to the CHECK-PROCESSOPERATION attribute. Recommended Action Ensure that the CHECK-PROCESS-OPERATION attribute does not have more than three values set. Note. This error token is supported only on systems running J06.10 and later J-series RVUs and H06.
ZSFG-ERR-DISKOWNCHGPROGNOSET Error Numbers and Error Lists ° ALTPRI Note. This error token is supported only on systems running J06.10 and later J-series RVUs and H06.21 and later H-series RVUs. ZSFG-ERR-DISKOWNCHGPROGNOSET ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL Tokens ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual.
ZSFG-ERR-DISKFILEOWNCHG Error Numbers and Error Lists ZSFG-ERR-DISKFILEOWNCHG ZSPI-TKN-ERRLIST ZSPI-TKN-ERROR ZCOM-TKN-OBJNAME ZSPI-TKN-ENDLIST token token token token type type type type ZSPI-TYP-LIST ZSPI-TYP-ERROR ZSPI-TYP-STRING ZSPI-TYP-SSCTL ZSPI-TKN-ERROR is the standard SPI error token, as described in the SPI Programming Manual. Its value consists of the Safeguard subsystem ID and the error number ZSFG-ERRDISKFILEOWNCHG. This token is always present in the error list.
Error Numbers and Error Lists -19: ZCOM-ERR-OBJNAME-INV -22: ZCOM-ERR-SECUR-VIOL -23: ZCOM-ERR-SPI-ERR -24: ZCOM-ERR-SSID-INV -26: ZCOM-ERR-TKN-CODE-INV -27: ZCOM-ERR-TKN-DUP -28: ZCOM-ERR-TKN-LEN-INV -29: ZCOM-ERR-TKN-REQ -30: ZCOM-ERR-TKN-VAL-INV -32: ZCOM-ERR-VSN-INCOMP -33: ZCOM-ERR-EMPT-RSP -35: ZCOM-ERR-CNTXT-CODE-INV -36: ZCOM-ERR-TKN-CNTXT-VAL-INV Safeguard Errors These errors are described in detail in the SPI Common Extensions Manual.
B Example of Sharing a Binary Description Field The binary description field associated with a user or alias authentication record can be shared among multiple vendors. The field structure provides subfields for a vendor-ID, length, and data. Vendors must cooperate on the use of this field. HP assigns and maintains vendor IDs. Following is an example of code for sharing a user/alias binary description field among multiple vendors. Note. The binary description field is supported only on systems running G06.
Example of Sharing a Binary Description Field strcpy(&v[0].info[2], "Safeguard Subsystem - T9750"); /* v[0] will contain nonprintable data. */ BinaryBuf.length = sizeof(struct vendor); sprintf(BinaryBuf.string,"%s%d%s", v[0].ssid, v[0].length, v[0].info); 2. Add the binary description field to the user/alias record using an SPI procedure. For example: SSPUTTKN (spibuf, tok, (char*)value,,(short*)&sfg_ssid); where is the SPI buffer to be sent. is the binary description token ZSFG-TKN-DESC_BIN.
Example of Sharing a Binary Description Field c. ALTER the user/alias record with the binary description field by using an SPI procedure. For example: SSPUTTKN (spibuf, tok, (char*)value ,, (short*)&sfg_ssid); where spibuf is the SPI buffer to be sent. tok is the binary description token ZSFG-TKNDESC_BIN. value is the structure (BinaryBuf) to be stored in the binary description record. sfg_ssid is the Safeguard subsystem ID.
Example of Sharing a Binary Description Field Safeguard Management Programming Manual—422086-028 B-4
Glossary This glossary defines terms used in this manual and in related manuals for Distributed Systems Management. action command. A command that results in action on an object, as opposed to retrieval of information. See also information command. action event. An event that requires operator action to resolve. Each subsystem determines what events are action events by including a unique EMS token in the event message.
command number Glossary command number. A number that represents a particular command to a subsystem. Each subsystem or management process with a token-oriented programmatic interface can have its own set of command numbers, which are represented in DDL by constants and in programs by TAL literals or defines, COBOL level-01 variables, C #defines, or TACL text variables. The command number is a header token in command and response messages. compatibility.
context-sensitive server Glossary context-sensitive server. A server that retains information about previous processing. For instance, in performing a command on a list of objects, a context-sensitive subsystem might retain, between response messages, the name of the object it last processed. Context-sensitive servers limit or complicate the requester’s ability to interrupt or abandon the continuation of a series of response messages. context token.
current position Glossary current position. The location in the SPI buffer of the token whose token code, token value, or attribute has just been retrieved. Scans for the next token code (with the operations ZSPI-TKN-NEXTCODE and ZSPI-TKN-NEXTTOKEN) begin at the current position but always return a token code beyond the current position. See also next position and initial position. current token. The token in the current position. See current position. data communications standard definitions.
Distributed Name Service Glossary Distributed Name Service. A subsystem for the NonStop server that manages a distributed database of names. It allows you to store in your database the names (and aliases) of system and network objects, facts about their relationships, and instructions for replicating name definitions on remote nodes. The completed database, which you update as needed to reflect configuration changes, is an online resource to operators and management applications.
end-list token Glossary end-list token. A syntax token that ends a list. SPI defines a single end-list token, whose token code is ZSPI-TKN-ENDLIST. See also list token and syntax token. enumerated type. A 16-bit signed data type that has one of a specified list of values with designated meanings. The enumerated type is one of the standard token data types defined by SPI, but the list of acceptable values and what they mean varies depending on the token number and is defined by the subsystem. error.
event message Glossary event message. In programmatic interfaces based on SPI, a special kind of SPI message that describes an event occurring in the system or network. extensible structure. A structure declared for the value of an extensible structured token. See extensible structured token. Compare to fixed structure. extensible structured token. A token consisting of a token code and a value that is an extensible structure.
header token Glossary header token. A special kind of token that provides information pertaining to the SPI message as a whole. The header tokens are typically items common to all or most messages of a specific kind.
Linkage Section Glossary subsystem defines an is-present field referring to the contents of another field only if no null value can be recognized because every value that can fit in the other field is meaningful to the subsystem. Linkage Section. The SCREEN COBOL source program section that describes the structure of parameter data passed to a SCREEN COBOL subprogram by a CALL statement. See extras. list.
maximum field version Glossary maximum field version. In an SPI message, the latest version associated with any non-null field of any extensible structured token in the message. The maximum field version of the SPI message is contained in a header token. It corresponds to the version of the oldest server or requester that can successfully process the message. message. A block of information, usually in the form of a structure, that is sent from one process to another. See also SPI message. message buffer.
object Glossary made no explicit assignment to that field after calling the SSNULL procedure to initialize the structure. object. In SPI, an entity subject to independent reference and control by a subsystem; for example, the disk file $DATA or the data communications line $X2502. An object typically has a name and a type known to the controlling subsystem. In DDL, an item in a dictionary. DDL assigns each object a unique object number for identification. object-name template.
pass-through error Glossary object-name tokens, and subsystem-control tokens. See also syntax token. In event management, a token representing a parameter passed by an application to an eventmessage filter. These tokens are kept in a parameter buffer. For more information, see the EMS Manual. pass-through error. An error originally reported by one subsystem or system component but included in a response record produced by another subsystem.
qualified token code Glossary qualified token code. A token code that includes a subsystem ID. requester version. The software revision level of the definition files used in the compilation of a requester. Each subsystem has its own definitions, so the requester version can differ in requests to different subsystems. response. The information or confirmation supplied by a subsystem in reaction to a command.
sensitive command Glossary sensitive command. A command that can be issued only by a restricted set of users, such as the super group, because the subsystem restricts access to the command. For data communications subsystems, the sensitive commands are those that can change the state or configuration of objects. So for these subsystems, the sensitive commands are also action commands. See also nonsensitive command. server version.
SPI definitions Glossary codes for SSPUT are examples of SPI control codes. An SPI control code is a kind of special operation. See special operation. SPI definitions. See SPI standard definitions. SPI error number. A number that indicates whether a call to an SPI procedure completed successfully and why it failed if it did. This number is returned in the status parameter on calls to the SPI procedures. The SPI error number does not reflect the success or failure of a command.
Glossary status server, status collection server status server, status collection server. A server that gathers data. HP provides a default status server. You can write and configure additional status servers to augment or replace the functionality of the default status server. Typically, a status server issues programmatic commands to subsystems to find out how many or how much of some resource is available—for example, how many network nodes are available or how many terminals are up.
subsystem-control token Glossary subsystem-control token. A parameter token that influences how a subsystem performs a command. For instance, the standard SPI token ZSPI-TKN-ALLOW-TYPE, supported by some subsystems, is a subsystem-control token. It determines under what conditions the subsystems continue command processing on the next object in a sequence if errors or warnings occur. See also response-control token. subsystem definitions.
symbolic name Glossary to states. Examples of summary states are STARTED, STOPPED, SUSPENDED, ABORTING, and DIAGNOSTIC. symbolic name. A name used in programs to refer to a value or a variable. HP provides definition files that declare symbolic names for values, token codes, token maps, extensible structures, and other related variables used in management applications. syntax token. A token whose function is not to provide information for a command or response but to bracket or group other tokens.
token number Glossary token number. The number used by a subsystem to identify each kind of token that it defines. The token type and the token number together form the token code. token-oriented. Said of a programmatic interface that conveys information as a series of code-value pairs accessed by code rather than by address or ordinal position. SPI is used by application programs and subsystems to provide a token-oriented programmatic interface. token type.
warning Glossary Safeguard Management Programming Manual—422086-028 Glossary-20
Index A Action events 8-1 ACTIVATE ALIAS command 7-3 ACTIVATE PROTECTIONRECORD command 7-5 ACTIVATE TERMINAL (LU) command 7-7 ACTIVATE USER command 7-9 ADD ALIAS command 7-11 ADD AUDIT POOL command 7-25 ADD EVENT-EXIT-PROCESS command 7-28 ADD GROUP command 7-33 ADD PROTECTIONRECORD command 7-38 ADD REMOTEPASSWORD command 7-47 ADD TERMINAL (LU) command 7-50 ADD USER command 7-54 Alias authentication records adding 7-11 altering 7-69 deleting 7-135 obtaining information 7-153 suspending 7-217 Alias names, lis
C Index ALTER EVENT-EXIT-PROCESS command 7-80 ALTER GROUP command 7-84 ALTER PROTECTIONRECORD command 7-89 ALTER REMOTEPASSWORD command 7-94 ALTER SUBSYSTEM command 7-100 ALTER TERMINAL command 7-124 ALTER USER command 7-130 DELETE ALIAS command 7-135 DELETE AUDIT POOL command 7-137 DELETE EVENT-EXIT-PROCESS command 7-139 DELETE GROUP command 7-143 DELETE PROTECTIONRECORD command 7-141 DELETE REMOTEPASSWORD command 7-145 DELETE TERMINAL command 7-147 DELETE USER command 7-149 GETVERSION command 7-151 INFO
D Index DELETE GROUP 7-143 DELETE PROTECTIONRECORD 7-141 DELETE REMOTEPASSWORD 7-145 DELETE TERMINAL (LU) 7-147 DELETE USER 7-149 description of 7-1 discontinuing 5-2 GETVERSION 7-151 INFO ALIAS 7-153 INFO AUDIT POOL 7-159 INFO EVENT-EXIT-PROCESS (PROC) 7-161 INFO GROUP 7-164 INFO PROTECTIONRECORD 7-168 INFO REMOTEPASSWORD 7-173 INFO SUBSYSTEM 7-177 INFO TERMINAL (LU) 7-183 INFO USER 7-186 LISTOBJECTS 7-192 LISTOBJECTS ALIAS 7-194 LISTOBJECTS USER 7-196 LISTOPENS 7-198 NEXTFILE 7-201 notation used to desc
E Index ZSFG-ERR-AUDITFILEFOREIGN A-20 ZSFG-ERR-AUDITFILE-INUSE A-22 ZSFG-ERR-AUDITFILEMISSING A-20 ZSFG-ERR-AUDITFILE-RLSED A-21 ZSFG-ERR-AUDITPOOLCURRENT A-25 ZSFG-ERR-AUDITPOOL-DIRTY A-26 ZSFG-ERR-AUDITPOOL-FULL A-23 ZSFG-ERR-AUDITPOOLMISSING A-23 ZSFG-ERR-AUDITPOOL-NEXT A-26 ZSFG-ERR-AUDITPOOLNOTCURRENT A-24 ZSFG-ERR-CANT-START-CI A-29 ZSFG-ERR-CANT-STARTPROCESS A-42 ZSFG-ERR-COMP-MODE A-70 ZSFG-ERR-GROUP-DERIVED A-36 ZSFG-ERR-GROUP-ID-EXISTS A-41 ZSFG-ERR-GROUP-IDNOTFOUND A-38 ZSFG-ERR-GROUP-MAX A-38
E Index ZSFG-ERR-SMALLUSERIDFILE A-7 ZSFG-ERR-SQLOBJECT A-11 ZSFG-ERR-SUBJGROUPNAME A-10 ZSFG-ERR-SUBJGROUPNUM A-10 ZSFG-ERR-SYS-NOT-FOUND A-14 ZSFG-ERR-USERID-EXISTS A-51 ZSFG-ERR-VOL-NONEXISTENT A-19 ZSFG-ERR-WARNMODEOBJTYPE A-53 Errors COM-ERR-OBJNAME-INV ALTER REMOTEPASSWORD command 7-95 Errors ZCOM-ERR-AUDITFILE-FOREIGN RELEASE AUDIT FILE command 7-204 Errors ZCOM-ERR-AUDITFILE-INUSE RELEASE AUDIT FILE command 7-204 Errors ZCOM-ERR-AUDITFILE-MISSING RELEASE AUDIT FILE command 7-204 Errors ZCOM-ERR-AU
E Index STATUS SUBSYSTEM command 7-212 STATUS USER command 7-214 STOP command 7-215 SUSPEND ALIAS command 7-218 SUSPEND PROTECTIONRECORD command 7-219 SUSPEND TERMINAL command 7-221 SUSPEND USER command 7-224 Errors ZCOM-ERR-internal ALTER AUDIT POOL command 7-79 INFO AUDIT POOL command 7-160 RELEASE AUDIT FILE command 7-204 Errors ZCOM-ERR-LEN-INV ADD ALIAS command 7-22 ADD PROTECTIONRECORD command 7-45 ADD REMOTEPASSWORD command 7-49 ADD USER command 7-65 ALTER ALIAS command 7-75 ALTER PROTECTIONRECORD
E Index STATUS PROTECTIONRECORD command 7-210 STATUS SUBSYSTEM command 7-212 STATUS USER command 7-214 STOP command 7-216 SUSPEND ALIAS command 7-218 SUSPEND PROTECTIONRECORD command 7-220 SUSPEND TERMINAL command 7-221 SUSPEND USER command 7-224 Errors ZCOM-ERR-OBJNAME-INV ACTIVATE ALIAS command 7-4 ACTIVATE PROTECTIONRECORD command 7-6 ACTIVATE USER command 7-10 ADD ALIAS command 7-22 ADD EVENT-EXIT-PROCESS command 7-31 ADD GROUP command 7-36 ADD PROTECTIONRECORD command 7-44 ADD REMOTEPASSWORD command
E Index ALTER PROTECTIONRECORD command 7-92 ALTER REMOTEPASSWORD command 7-95 ALTER TERMINAL command 7-125 ALTER USER command 7-132 DELETE ALIAS command 7-136 DELETE AUDIT POOL command 7-138 DELETE EVENT-EXIT-PROCESS command 7-140 DELETE GROUP command 7-144 DELETE PROTECTIONRECORD command 7-142 DELETE REMOTEPASSWORD command 7-146 DELETE TERMINAL command 7-148 DELETE USER command 7-150 INFO ALIAS command 7-158 INFO AUDIT POOL command 7-160 INFO EVENT-EXIT-PROCESS command 7-162 INFO PROTECTIONRECORD command
E Index INFO PROTECTIONRECORD command 7-172 INFO REMOTEPASSWORD command 7-174 INFO SUBSYSTEM command 7-182 INFO TERMINAL command 7-184 INFO USER command 7-191 NEXTFILE command 7-202 RELEASE AUDIT FILE command 7-204 START TERMINAL command 7-206 STOP command 7-216 SUSPEND ALIAS command 7-218 SUSPEND PROTECTIONRECORD command 7-220 SUSPEND TERMINAL command 7-222 SUSPEND USER command 7-224 Errors ZCOM-ERR-SMALLUSERIDFILE ALTER ALIAS command 7-75 Errors ZCOM-ERR-SPI-ERR ACTIVATE ALIAS command 7-4 ACTIVATE PROTE
E Index ADD PROTECTIONRECORD command 7-45 ADD REMOTEPASSWORD command 7-49 ADD TERMINAL command 7-52 ADD USER command 7-65 ALTER ALIAS command 7-74 ALTER EVENT-EXIT-PROCESS command 7-81 ALTER PROTECTIONRECORD command 7-92 ALTER REMOTEPASSWORD command 7-95 ALTER SUBSYSTEM command 7-123 ALTER TERMINAL command 7-125 ALTER USER command 7-132 DELETE ALIAS command 7-137 DELETE AUDIT POOL command 7-138 DELETE EVENT-EXIT-PROCESS command 7-140 DELETE PROTECTIONRECORD command 7-142 DELETE REMOTEPASSWORD command 7-14
E Index DELETE ALIAS command 7-136 DELETE AUDIT POOL command 7-138 DELETE EVENT-EXIT-PROCESS command 7-140 DELETE PROTECTIONRECORD command 7-142 DELETE REMOTEPASSWORD command 7-146 DELETE TERMINAL command 7-148 DELETE USER command 7-150 INFO ALIAS command 7-158 INFO EVENT-EXIT-PROCESS command 7-163 INFO PROTECTIONRECORD command 7-172 INFO REMOTEPASSWORD command 7-174 INFO SUBSYSTEM command 7-182 INFO TERMINAL command 7-184 INFO USER command 7-191 LISTOBJECTS ALIAS command 7-195 LISTOBJECTS command 7-193 L
E Index Errors ZCOM-ERR-TKN-SSID-INV SUSPEND PROTECTIONRECORD command 7-220 Errors ZCOM-ERR-TKN-VAL-INV ADD ALIAS command 7-22 ADD EVENT-EXIT-PROCESS command 7-32 ADD GROUP command 7-36 ADD TERMINAL command 7-53 ALTER EVENT-EXIT-PROCESS command 7-82 ALTER GROUP command 7-86 ALTER TERMINAL command 7-126 Errors ZCOM-ERR-VAL-INV ADD PROTECTIONRECORD command 7-45 ADD USER command 7-65 ALTER ALIAS command 7-75 ALTER PROTECTIONRECORD command 7-92 ALTER REMOTEPASSWORD command 7-96 ALTER SUBSYSTEM command 7-123 A
E Index Errors ZSFG-ERR-CANT-STARTPROCESS ADD EVENT-EXIT-PROCESS command 7-32 ALTER EVENT-EXIT-PROCESS command 7-82 Errors ZSFG-ERR-GROUP-DERIVED ALTER GROUP command 7-86 Errors ZSFG-ERR-GROUP-ID-EXISTS ADD GROUP command 7-36 Errors ZSFG-ERR-GROUP-ID-NOTFOUND ADD GROUP command 7-37 ALTER GROUP command 7-86 Errors ZSFG-ERR-GROUP-MAX ADD GROUP command 7-36 ALTER GROUP command 7-86 Errors ZSFG-ERR-GROUP-MEMBERS DELETE GROUP command 7-144 Errors ZSFG-ERR-GROUP-NAME-EXISTS ADD GROUP command 7-36 Errors ZSFG-ER
E Index ADD PROTECTIONRECORD command 7-46 Errors ZSFG-ERR-PAT-MISSING-ALL ALTER PROTECTIONRECORD command 7-93 Errors ZSFG-ERR-PROC-ENABLED DELETE EVENT-EXIT-PROCESS command 7-140 Errors ZSFG-ERR-PROGFILE-NULL ALTER EVENT-EXIT-PROCESS command 7-82 Errors ZSFG-ERR-PROGFILE-REQUIRED ADD EVENT-EXIT-PROCESS command 7-32 ALTER EVENT-EXIT-PROCESS command 7-82 Errors ZSFG-ERR-PROGIDNONOBJ ADD PROTECTIONRECORD command 7-45 Errors ZSFG-ERR-PSWD-QUAL-DENIED ADD ALIAS command 7-23 ADD USER command 7-67 ALTER ALIAS co
F Index ADD PROTECTIONRECORD command 7-46 ErrorsZCOM-ERR-SPI-ERR ADD REMOTEPASSWORD command 7-48 ADD TERMINAL command 7-52 ADD USER command 7-65 ALTER ALIAS command 7-74 ALTER EVENT-EXIT-PROCESS command 7-81 ALTER PROTECTIONRECORD command 7-92 ALTER REMOTEPASSWORD command 7-95 ALTER TERMINAL command 7-125 Event exit deleting 7-139 Info 7-161 Event management 8-1 Event management strategy 8-1 Event messages 8-1 buffer size for 8-3 console-compatible-format text of 8-14 definitions for 6-1 displayed on oper
M Index Lists in event messages 8-3 LU Add 7-50 Alter 7-124 deleting 7-147 Info 7-183 M Management applications See Applications Management programming 2-1 N Network-management applications See Applications NEXTFILE command 7-201 O Object names, listing 7-192 Object protection records, suspending 7-219 Object types, listing 7-192 Objects, obtaining version information 7-151 P Processes Safeguard Security manager process 8-1 Safeguard Security monitor process 8-1 Programmatic interfaces, advantages of
S Index ALTER REMOTEPASSWORD command 7-94 ALTER SUBSYSTEM command 7-122 ALTER TERMINAL command 7-124 DELETE ALIAS command 7-136 DELETE AUDIT POOL command 7-137 DELETE EVENT-EXIT-PROCESS command 7-139 DELETE GROUP command 7-143 DELETE PROTECTIONRECORD command 7-141 DELETE REMOTEPASSWORD command 7-145 DELETE TERMINAL command 7-147 DELETE USER command 7-149 GETVERSION command 7-151 INFO ALIAS command 7-156 INFO AUDIT POOL command 7-160 INFO GROUP command 7-165 INFO REMOTEPASSWORD command 7-173 INFO SUBSYSTEM
T Index Syntax elements extensible structured tokens 4-7 field types 4-8 object names 4-2 object types 4-2 predefined value names 4-7 simple tokens 4-7 token types 4-7 T Terminal definition records, suspending 7-221 Tokens order of in event messages 8-13 use in SPI 4-1 ZCMK-TKN-FILE-ROLE 8-42 ZCMK-TKN-FSERR 8-59, 8-61 ZCMK-TKN-XFNAME 8-42, 8-52, 8-59, 8-61 ZCMK-TKN-XPNAME 8-21 ZCOM-TKN-OBJNAME 8-46, 8-52 ZFIL-TKN-XFILENAME 8-59, 8-61 ZSFG-TKN-AUDITSTATE 8-10, 8-27, 8-30, 8-33 ZSFG-TKN-CHANGED-TNM 8-10, 8
T Index Tokens ZSFG-MAP-REMOVE-ACCESS ALTER PROTECTIONRECORD command 7-90 Tokens ZSFG-MAP-REMOVE-DF-ACCESS ALTER ALIAS command 7-72 ALTER USER command 7-130 Tokens ZSFG-MAP-REMOVE-OWNERS ALTER ALIAS command 7-73 ALTER USER command 7-131 Tokens ZSFG-MAP-USERID ADD ALIAS command 7-14 ADD USER command 7-57 Tokens ZSFG-TKN-ACL-REQUIREDDEVICE ALTER SUBSYSTEM command 7-102 Tokens ZSFG-TKN-ACL-REQUIREDDISKFILE ALTER SUBSYSTEM command 7-103 Tokens ZSFG-TKN-ACL-REQUIREDPROCESS ALTER SUBSYSTEM command 7-103 Tokens
T Index ADD USER command 7-60 Tokens ZSFG-TKN-AUDIT-OBJECT-ACCFAIL ALTER SUBSYSTEM command 7-106 Tokens ZSFG-TKN-AUDIT-OBJECT-ACCPASS ALTER SUBSYSTEM command 7-106 Tokens ZSFG-TKN-AUDIT-OBJECT-MANFAIL ALTER SUBSYSTEM command 7-105 Tokens ZSFG-TKN-AUDIT-OBJECT-MANPASS ALTER SUBSYSTEM command 7-105 Tokens ZSFG-TKN-AUDIT-PROC-ACCFAIL ALTER SUBSYSTEM command 7-106 Tokens ZSFG-TKN-AUDIT-PROC-ACCPASS ALTER SUBSYSTEM command 7-106 Tokens ZSFG-TKN-AUDIT-PROC-MANFAIL ALTER SUBSYSTEM command 7-105 Tokens ZSFG-TKN-A
T Index ADD ALIAS command 7-20 ADD TERMINAL command 7-51 ADD USER command 7-63 ALTER SUBSYSTEM command 7-107 Tokens ZSFG-TKN-CI-XFNAME ADD ALIAS command 7-20 ADD TERMINAL command 7-50 ADD USER command 7-63 ALTER SUBSYSTEM command 7-107 Tokens ZSFG-TKN-CLEARONPURGE ADD PROTECTIONRECORD command 7-40 ALTER SUBSYSTEM command 7-103 Tokens ZSFG-TKN-CMON-ERROR ALTER SUBSYSTEM command 7-107 Tokens ZSFG-TKN-CMON-TIMEOUT ALTER SUBSYSTEM command 7-107 Tokens ZSFG-TKN-COMBINATIONDEVICE ALTER SUBSYSTEM command 7-102 T
T Index ALTER SUBSYSTEM command 7-102 Tokens ZSFG-TKN-ENABLED ADD EVENT-EXIT-PROCESS command 7-29 Tokens ZSFG-TKN-ENA-SEEP-AUTHN ADD EVENT-EXIT-PROCESS command 7-29 Tokens ZSFG-TKN-ENA-SEEP-AUTHZ ADD EVENT-EXIT-PROCESS command 7-29 Tokens ZSFG-TKN-ENA-SEEP-PSWD ADD EVENT-EXIT-PROCESS command 7-29 Tokens ZSFG-TKN-EOFREFRESH ALTER SUBSYSTEM command 7-108 Tokens ZSFG-TKN-FROZEN ADD ALIAS command 7-16 ADD PROTECTIONRECORD command 7-41 ADD TERMINAL command 7-51 ADD USER command 7-59 Tokens ZSFG-TKN-GROUPID INF
T Index ADD USER command 7-63 Tokens ZSFG-TKN-PROGTYPE ADD ALIAS command 7-20 ADD USER command 7-63 Tokens ZSFG-TKN-PROG-FNAME ADD EVENT-EXIT-PROCESS command 7-29 Tokens ZSFG-TKN-PSWD-EXPIRES ADD ALIAS command 7-16 ADD USER command 7-59 Tokens ZSFG-TKN-PSWD-EXPIRYGRACE ADD ALIAS command 7-19 ADD USER command 7-62 ALTER SUBSYSTEM command 7-106 Tokens ZSFG-TKN-PSWD-HISTORY ALTER SUBSYSTEM command 7-101 Tokens ZSFG-TKN-PSWD-MAY-CHANGE ALTER SUBSYSTEM command 7-101 Tokens ZSFG-TKN-PSWD-MAY-CHANGEDATE INFO ALI
U Index ALTER SUBSYSTEM command 7-109 Tokens ZSFG-TKN-WARN-SYSTEMLEVEL ALTER SUBSYSTEM command 7-109 Tokens ZSFG-TKNWRITETHROUGHCACHE ALTER SUBSYSTEM command 7-108 Tokens ZSPI-TKN-CONTEXT INFO GROUP command 7-166 Tokens ZSPI-TKN-RETCODE ADD PROTECTIONRECORD command 7-44 Tokens ZSPI-TKN-SERVER-BANNER GETVERSION command 7-151 U User authentication records adding 7-54 altering 7-127 deleting 7-149 obtaining information 7-186 suspending 7-223 User names, listing 7-196 User, obtaining status information 7-213
Z Index ZSPI-TKN-RETCODE ACTIVATE ALIAS command 7-4 ACTIVATE PROTECTIONRECORD command 7-6 ACTIVATE TERMINAL command 7-8 ACTIVATE USER command 7-10 ADD ALIAS command 7-21 ADD AUDIT POOL command 7-26 ADD EVENT-EXIT-PROCESS command 7-30 ADD GROUP command 7-36 ADD REMOTEPASSWORD command 7-48 ADD TERMINAL command 7-51 ADD USER command 7-64 ALTER ALIAS command 7-74 ALTER AUDIT POOL command 7-79 ALTER EVENT-EXIT-PROCESS command 7-81 ALTER GROUP command 7-85 ALTER PROTECTIONRECORD command 7-91 ALTER REMOTEPASSWOR
Special Characters Index Special Characters $ZSMP openers, listing 7-198 Safeguard Management Programming Manual—422086-028 Index-26
