Why Is Not Neccessary To Add FLDXTR Attribute To Extract The New Field, whereas TSSAI Requires It?
search cancel

Why Is Not Neccessary To Add FLDXTR Attribute To Extract The New Field, whereas TSSAI Requires It?

book

Article ID: 10033

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

 

- We have defined a new field on the FDT. This field is on the base segment. My user use the « TSSAI » program to extract information about the signed on   user. This information is moved to the other server. We need to add the DUFXTR attribute to transfer the new field. 

- The DUFXTR attribute permits the extraction of the INSTDATA and the new field. We need to know if the DUFXTR attribute allows other action? 

- We want to know, why is not neccessery to add FLDXTR adttribute to extract the new field? 



Environment

z/OS

Resolution

 

- To be allowed to UPDATE/EXTRACT either an INSTDATA or a FDT field, an user must have the DUFXTR or/and DUFUPD attributes.

- There are no FLDXTR/FLDUPD attributes

- To UPDATE/EXTRACT either an INSTDATA or a FDT field with the TSSAI you must indicate what your request is.

  To do that you have to put in TSSAI TSSCLASS what your request is, either DUFXTR or DUFUPD or FLDXTR or FLDUPD
  Here, these keywords are used to tell to the TSSAI what kind of request it has to perform.

Additional Information

 

- If you give the DUFXTR attribute to all your users, they will all able to extract the INSDATA and FDT fields for any acid within their scope. 
  I.e. for a user type acid, just himself, for a DCA, all user belonging to his department. 

- DUFXTR is just to be able to extract (read data), then it should not harm anything, but the confidentiality of the data depends on what you have put in these fields. 

- If you want to have more information about the CA Top Secret application interface, the TSSAI go to link:

https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/extending-security-using-the-application-interface/application-interface-components

- If you want to have more information about the CA Top Secret DUFXTR attribute, go to link:

https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/issuing-commands-to-communicate-administrative-requirements/keywords/dufxtr-keywordcontrol-instdata-and-security-file-data-extraction