Generating user privileges: SECGEN

This section describes how to configure access management when not using Central Governance.

This command generates the actual privileges of a user or a user group from the parameter setting commands recorded in the security file.

Once active privileges have been generated, the various Transfer CFT components can call the security system to verify access rights to objects. Active privileges can be generated without stopping any components that are running.

The SECGEN command must be resubmitted each time changes are made to the security parameter settings.

Syntax

SECGEN
     [ID =     identifier,]
     [TYPE =     {SECUSER | SECGROUP},]
     [FNAME =     filename,]
     [MODE =     {BRIEF | DEBUG | FULL},]
     [ORIGIN =     {BOTH | LOCAL | REMOTE}]

Description

Use this command to generate the actual privileges of a user or a user group from the parameter setting commands recorded in the security file.

Parameters

[ID = identifier]

Identifier of a SECUSER or SECGROUP command.

This parameter requests the generation of privileges for a single user or a specified user group.

The * and ? wildcard characters cannot be used.

[FNAME = filename]

Name of the security file to be used as a basis for the generation.

If this parameter is omitted, the file name is determined from the most recent CONFIG command.

[MODE = {BRIEF | DEBUG | FULL}]

Display mode for messages during the generation process:

  • BRIEF: displays minimal details (success or failure of the operation  
  • DEBUG: displays everything that occurs during the process (including actions and basic objects
  • FULL: displays errors without explanation (indicates that a category cannot be found, but does not specify its name

[ORIGIN = {BOTH | LOCAL | REMOTE}]

Origin of the user group: local or remote.

You can use this parameter to assign different profiles to users who can execute both local and remote actions.

The REMOTE origin is not implemented in the current release.

[TYPE = {SECUSER | SECGROUP}]

Type of user whose privileges you are generating.

If the TYPE parameter is included in the command, the ID parameter is mandatory.

 

Related Links