XYGATE Compliance PRO (XSW) Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

211

212

213

214

215

216

217

218

219

220

XYGATE

Compliance PRO

™

Reference Manual

Chapter 11. Access Analysis Mapping

XYPRO Technology Corporation 195 Proprietary and Confidential

11.7 The Guardian Access Queries

The available queries are:

• Files by User

• File Owners

Note: Depending upon the wildcarding, the resultant fileset may be very large and very

time-consuming. We strongly suggest not using $*.*.*.

11.7.1 Files by User Query

You may enter a specific user name and wildcard file mask. There will be one row per

file to which the user has access, based on the file’s security vector (RWEP). If the

user is granted R, W, E, or P, then the file is returned. For example, a file’s security

vector grants READ to either local or remote “everyone,” the file will be returned,

regardless of which user you select.

All available userids on a system are shown in the drop-down list. The list shows both

the user name and user number. The userids are displayed in order by group name

and user name.

Guardian access mapping does not take either XOS or Safeguard into consideration.

Use the XOS and Safeguard queries to determine what access they grant the user.

11.7.2 Files Owners Query

This query returns all of the distinct owners of files for the level of the search. This can

help you identify:

Where Safeguard, or XOS rules may be needed because a subvolume contains files

owned by more than one userid.

Files that are owned by the wrong userids.

Volume-level and subvolume-level searches behave a little differently:

• Volume level searches return a row per subvolume per distinct owner of files within

the subvolume. So for example, if you do a volume query such as "$SYSTEM.*.*",

there may be one row for $SYSTEM.SYS06 because all the files are owned by

SUPER.SUPER. But if $SYSTEM.NOSUBVOL has files owned by three different

users, there will be three rows, one for each of the three file owners.

• Subvolume-level searches return a row per file within the subvolume. So, for

example, if you run a query on "$SYSTEM.ZTCPIP.*", there will be one row for

each file in the ZTCPIP subvolume.