Profiles to be defined to the FACILITY class used by the extended access control function
When the extended access control function (copy group access control function, specific command access control function, and the REVERSE RESYNC protection function) is installed in Installing Business Continuity Manager with SMP/E, you need to set the access control (RACF settings). After defining the profile to the RACF FACILITY class, set the READ permission for that profile to the user.
This section describes about the profile types to be defined in the FACILITY class and how to set the READ permission for the profile. For details on which profile's READ permissions to set for each user, see "Extended access control functions" in the Hitachi Business Continuity Manager User Guide.
The following table shows the profiles to be defined in the FACILITY class used by the extended access control functions:
Extended access control function |
Profiles to be defined to the FACILITY class |
---|---|
Copy group access control function |
STGADMIN.YKA.BCM.PFX.prefix (prefix profile) |
STGADMIN.YKA.BCM.CGTYPE.copy-type (copy type profile) |
|
STGADMIN.YKA.BCM.CGNAME.copy-group-ID (copy group profile) |
|
Specific command access control function |
STGADMIN.YKA.BCM.CLI.YKDELETE (YKDELETE command profile) |
STGADMIN.YKA.BCM.CLI.YKMAKE (YKMAKE command profile) |
|
STGADMIN.YKA.BCM.CLI.YKRECVER (YKRECVER command profile) |
|
STGADMIN.YKA.BCM.CLI.YKQRYDEV (YKQRYDEV command profile) |
|
STGADMIN.YKA.BCM.CGTYPE.copy-type (copy type profile) |
|
REVERSE RESYNC protection function |
STGADMIN.YKA.BCM.COMMANDS.REGRSYNC# (The profile of the function that prevents users to whom permission is not granted in this profile from performing resynchronization that transfers data in a direction that is the reverse of the current copy direction) |
STGADMIN.YKA.BCM.COMMANDS.REGRSYNC.ONL (The profile of the function that prevents users to whom permission is not granted in this profile from performing resynchronization that transfers data in a direction that is the reverse of the current copy direction of a copy pair while in an online state) |
- #
- REGRSYNC (REGressive ReSYNC) means that data that should not be overwritten (such as data that is being accessed from the current host -or active data-) by reversing resynchronization. For details on the REVERSE RESYNC protection function that uses this profile, see "REVERSE RESYNC protection function" in the Hitachi Business Continuity Manager User Guide.
For example, you can use a generic name such as STGADMIN.YKA.BCM.CGNAME.GRP* when specifying access permissions to copy group ID GRP01 to GRP09.
Procedure for setting the READ permission for the profile to the user
For details on how to set the READ permission for the profile to the user, see Procedure for setting the READ permission for the RACF profile to the user.