1 /AUDIT
Syntax:
/AUDIT [= (quoted-string [, quoted-string]...)]
/AUDIT=file-specification
/NOAUDIT
Use /AUDIT to create history list entries auditing the creation of
new access control list entries.
You can include explanatory text in history list entries in two ways:
o By including quoted strings. Enclose each quoted string in
double quotation marks, and enclose the series of strings in
parentheses. The parentheses are optional if you specify only
one quoted string.
o By specifying a file whose contents are to be included in the
history list entry. The file specification is a standard VMS
file specification, and the default file type is .DAT. You can
include no more than 64 input strings in a history list entry.
DMU ignores any excess.
With /NOAUDIT, no history list entries are created. The default is
/NOAUDIT.
2 /BANISH
Syntax:
/[NO]BANISH = privileges
/BANISH enumerates the privileges denied to the specified user(s) at
the current dictionary directory or subdictionary and all of its
descendants. /NOBANISH specifies the privileges that are not
banished. The specification of a privilege in /NOBANISH overrides
the specification of the same privilege in /BANISH.
The most common use for the combination of the two qualifiers is in
an example like "/BANISH=ALL/NOBANISH=(PASS,SEE)", where it is easier
to enumerate the privileges that are not to be banished than to do
the opposite.
Once banished, privileges cannot be granted further down in the
hierarchy.
Type "HELP specify privileges" for further information.
3 /DENY
Syntax:
/[NO]DENY = privileges
/DENY enumerates the privileges denied to the specified user(s) at
the current dictionary directory, subdictionary, or object. In
addition, denied privileges extend to descendants, but they can be
granted again at lower levels in the hierarchy. /NODENY specifies
the privileges that are not denied. The specification of a privilege
in /NODENY overrides the specification of the same privilege in
/DENY.
The most common use for the combination of the two qualifiers is in
an example like "/DENY=ALL/NODENY=(PASS,SEE)", where it is easier to
enumerate the privileges that are not denied than to do the opposite.
Type "HELP specify privileges" for further information.
4 /GRANT
Syntax:
/[NO]GRANT = privileges
/GRANT enumerates the privileges granted to the specified user(s).
/NOGRANT specifies the privileges that are not granted. The
specification of a privilege in /NOGRANT overrides the specification
of the same privilege in /GRANT.
The most common use for the combination of the two qualifiers is in
an example like "/GRANT=ALL/NOGRANT=(CONTROL,FORWARD,GLOBAL_DELETE)",
where it is easier to enumerate the privileges that are not granted
than to do the opposite.
Type "HELP specify privileges" for further information.
5 /PASSWORD
Syntax:
/PASSWORD = quoted-string
Use /PASSWORD to include a password in the user identification
criteria of an access control list entry. The quoted string can be
any string of printable characters other than open parenthesis [(],
close parenthesis [)], or period [.]. DMU translates lowercase
characters to uppercase. Enclose the string in double quotation
marks.
6 /POSITION
Syntax:
/POSITION = number
Use /POSITION to specify the relative position within the access
control list where you want to place the new entry. If you do not
specify the /POSITION qualifier, the default position is 1.
7 /RIGHTS
Syntax:
/RIGHTS = uic- or rights-specification
Use /RIGHTS to include user identification codes with the user
identification criteria of an ACL entry. You can specify any of
three alternative types of user identification code: a numeric UIC,
an alphanumeric UIC, or a rights identifier.
A numeric UIC consists of an octal group number and an octal member
number separated by a comma and enclosed by either square brackets
([]) or angle brackets (<>).
You can use the wildcard * in place of the group number to identify
all group numbers, and in place of the member number group to
identify all member numbers. A /UIC specification of [*,*] matches
all user identification codes.
An alphanumeric UIC consists of a single text string within brackets.
A rights identifier consists of a single text string which the system
manager has defined in the rights database to indicate all members of
a particular group.
/RIGHTS performs the same function as /UIC.
8 /TERMINAL
Syntax:
/TERMINAL = terminal-specification
Use /TERMINAL to include information about the terminal(s) in the
user identification criteria of an access control list entry.
The terminal specification can be any of the following:
o TTcn or TXcn -- a specific terminal number.
For example: /TERMINAL = TTA7.
o LOCAL -- terminals hardwired to the system.
For example: /TERMINAL = LOCAL.
o NON_LOCAL -- dial-up and remote terminals, and terminals
processing batch and network jobs.
For example: /TERMINAL = NON_LOCAL.
o BATCH -- terminals processing batch jobs.
For example: /TERMINAL = BATCH.
o NETWORK -- terminals processing network jobs.
For example: /TERMINAL = NETWORK.
9 /UIC
Syntax:
/UIC = uic- or rights-specification
Use /RIGHTS to include user identification codes with the user
identification criteria of an ACL entry. You can specify any of
three alternative types of user identification code: a numeric UIC,
an alphanumeric UIC, or a rights identifier.
A numeric UIC consists of an octal group number and an octal member
number separated by a comma and enclosed by either square brackets
([]) or angle brackets (<>).
You can use the wildcard * in place of the group number to identify
all group numbers, and in place of the member number group to
identify all member numbers. A /UIC specification of [*,*] matches
all user identification codes.
An alphanumeric UIC consists of a single text string within brackets.
A rights identifier consists of a single text string which the system
manager has defined in the rights database to indicate all members of
a particular group.
/RIGHTS performs the same function as /UIC.
10 /USERNAME
Syntax:
/USERNAME = string
Use /USERNAME to include a specific username with the user
identification criteria of an access control list entry.