Identifies the user or users for whom an entry is being added. You can specify any valid OpenVMS identifier in the identifier clause: o UIC identifier You cannot specify more than one UIC identifier in a DEFINE PROTECTION statement. o General identifier o System-defined identifier
1 – More
You can specify multiple identifiers in the identifier clause when combining an identifier with a system-defined identifier. However, you should regard the six system-defined identifiers as mutually exclusive. Do not attempt to use them in combination with each other. You can combine them with other identifiers (UICs and general identifiers). When you specify multiple identifiers, separate them with a plus sign (+). If you specify multiple identifiers in the identifier clause, you define one ACE that determines the access rights that users will receive when they hold ALL the identifiers specified in the identifier clause. Users who do not hold all of the identifiers specified in the identifier clause will not be governed by the ACE that is created. For example, the first of the two RDO statements in the following example defines a single ACE for users with both the [CLERK,DAVIES] and REMOTE identifiers, not one ACE for users with the [CLERK,DAVIES] identifier and another ACE for users with the REMOTE identifier. The second statement shows the ACE created in the second position in the ACL, as specified in the DEFINE PROTECTION statement: DEFINE PROTECTION FOR RELATION A1 POSITION 2 IDENTIFIER [CLERKS,DAVIES]+REMOTE ACCESS READ+WRITE+MODIFY. ! SHOW PROTECTION FOR RELATION A1 (IDENTIFIER=[DBS,RICK],ACCESS=READ+WRITE+MODIFY+ERASE+SHOW+DEFINE+ CHANGE+DELETE+CONTROL+OPERATOR+ADMINISTRATOR+REFERENCES+SECURITY) (IDENTIFIER=[CLERK,DAVIES]+REMOTE,ACCESS=READ+WRITE+MODIFY) (IDENTIFIER=[*,*],ACCESS=READ+MODIFY) To control which users have the ability to create databases, use the RDBVMS$CREATE_DB logical name and system rights identifier. See the "Oracle Rdb Guide to Database Design and Definition" for more information on the RDBVMS$CREATE_DB logical name and system rights identifier.