XYGATE Access Control Reference Manual
XYGATE
®
Access Control Reference Manual
Appendix A: The ACCONF File
XYPRO Technology Corporation 103 Proprietary and Confidential
A13: EMS_CRITICAL_IF_DENIED
This keyword causes XAC to set the critical flag on an EMS audit message that reports
an attempt by a user to execute an unauthorized ACACL Command Entry. This
keyword only applies when at least one of the AUDIT entries points to EMS. Having
the critical flag set can affect the behavior of some EMS management products.
Syntax:
EMS_CRITICAL_IF_DENIED { ON | OFF }
Example:
EMS_CRITICAL_IF_DENIED ON
In this example, the EMS_CRITICAL_IF_DENIED flag is set to ON, so any time a user
attempts to access a command for which he or she is not authorized, the audit
message written to EMS will have the critical flag set.
This value can be overridden by the value in the individual ACACL Command Entry.
A14: HIGHPIN
When the XYPRO keyword HIGHPIN is set to ON, it causes XAC to start all processes
as NonStop-HIGHPIN Processes; that is, with a Process Identifier Number (PIN)
greater than 255. The LOWPIN keyword in the ACACL Command Entry will override
this parameter for the command which contains the keyword.
The default value is HIGHPIN OFF.
Syntax:
HIGHPIN { ON | OFF }
Example:
HIGHPIN ON
Note: There is no method available for XAC to determine whether or not an object file
can execute as a NonStop-HIGHPIN Process. XAC will start objects that are not
HIGHPIN compatible as a NonStop-LOWPIN Process, if the ACACL Command
Entry contains the HIGHPIN keyword, or the ACCONF file has the HIGHPIN
keyword to indicate that all processes should be started as a NonStop-HIGHPIN
Process.
If the HIGHPIN keyword is used in the ACCONF file, the LOWPIN keyword must
be used in the ACACL Command Entry for any object file that is not HIGHPIN
compatible.