XYGATE Access Control Reference Manual
XYPRO Technology Corporation 57 Proprietary and Confidential
Chapter 5. Command/User Access
Matrix
For many audit investigations, it is important to be able to show which users have
access to which COMMANDS. Use the XAC_ACCESS_MAP macro to generate this
information. (Refer to Appendix E7: on page 251.)
5.1 Procedure
The following is the syntax for the XAC_ACCESS_MAP macro.
Syntax:
XAC_ACCESS_MAP <output file>[ ! ]
Where:
<output file> is the entry sequenced, csv file that contains the information. If the
file does not exist, it will be created.
! If the optional exclamation point ( ! ) is specified, any existing file will
be purged as the new one is created. There cannot be a space
between the filename and the ! symbol.
In the following example, the output file is named $WORK.SECRPTS.XACUSR1.
Example: How to generate list of COMMANDS that each user can access
20> xac_access_map xacusr1
CREATED - $WORK.SECRPTS.XACUSR1
Exporting to $WORK.SECRPTS.XACUSR1
Loaded 001705 users
0035469 lines written
$WORK.SECRPTS
CODE EOF LAST MODIFIED OWNER RWEP PExt SExt
XACUSR1 0 4268032 09DEC2008 11:50 222,77 OOOO 128 128
21>
Format of the output file:
<command>,
<object>,
<group the command runs as, might be the GROUP keyword>,
<user the command runs as, might be the USER keyword>,
<description>,
<user|alias flag>,
<group>,
<user>,
<logon name>