XYGATE Compliance PRO (XSW) Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

201

202

203

204

205

206

207

208

209

210

XYGATE

Compliance PRO

™

Reference Manual

Chapter 11. Access Analysis Mapping

XYPRO Technology Corporation 187 Proprietary and Confidential

11.4.1 How User-Related Entries are Expanded in XOS Queries

Each OSGROUP mask is expanded for each user in the ACL as described below:

• *, 255 will expand to all groups that have a 255 user.

• SUPER.* or 255,* will expand to all members of the SUPER group.

• Alias:"joe*" will expand to all aliases that begin with the lowercase characters "joe".

• UNDERLYING:RA.* or UNDERLYING:232,* will expand to all aliases for any

member of the RA group on the local node.

• NETUNDERLYING:\*.RA.* or NETUNDERLYING:\*.232,* will expand to all aliases

for any member of the RA group.

ACLGROUPs will expand to their constituent userids and aliases. If the constituents

include any of the above wildcards, they will also be expanded as shown above.

• OBJECT_OWNER_GROUP.* will expand to all members of the file owner’s group.

• NETUNDERLYING:\*.OBJECT_OWNER_GROUP.\*. will expand to all aliases for

any member of the file owner’s group.

To help make it clear how XSW derived a specific userid or alias, the output grids

include the ACL_Name column, which contains the actual entry in the FOGROUP’s

ACL. So if the ACL entry is an ACLGROUP, the ACLGROUP name will be the

ACL_Name for any of the userids it includes.

Example 1: How an ACLGROUP user-list is expanded

ACLGROUP $JAY \*.CERT.JILL \*.1,* NETUNDERLYING:\*.1,*

NETUNDERLYING:\*.222,250

The ACLGROUP in Example 1 includes XYPRO.JILL, any members of Group 1, all

aliases with an underlying ID in Group 1, and all aliases with an underlying ID of

222,250. In this case, it expands to the 7 userids or aliases shown below:

Grp# User# GrpName UserName Alias Why included

222 30 CERT JILL \*.CERT.JILL

1 1 QA TEST \*.1,*

1 22 QA JAMES \*.1,*

1 1 QA TEST qa-james NETUNDERLYING:\*.1,*

222 250 CERT MGR james NETUNDERLYING:\*.222,250

222 250 CERT MGR jamesoss NETUNDERLYING:\*.222,250

222 250 CERT MGR jamesrsa NETUNDERLYING:\*.222,250

If this ACLGROUP is then included in the ACL of an FOGROUP, each of these userids

and aliases will have a row in the display for each file "protected" by the FOGROUP.

The userids and aliases will appear in the order they do in the ACLGROUP.