How can I identify all users that have any administration authority within CA TPX?
Article ID: 11324
Updated On:
Products
Issue/Introduction
Need to identify users defined to TPX that have any type of administrator authority. How can this be accomplished?
Environment
Resolution
You can check an individual user's Administrative capabilities using TPXADMIN:
option 1 TPX User/Group Maintenance
option 3 User Maintenance
select user
option 6 Maintain Administrator Capabilities
TPX User Maintenance
Panelid - TEN0169
Command ===> Userid - TPXADMIN
Termid - tttttttt
Userid: USERxxx Date - 11/07/17
Time - 17:28:58
TPX User Administrator: N STX User Administrator: N
TPX Master Administrator: N STX Master Administrator: N
TPX System Administrator: N STX System Administrator: N
TPX Operator Administrator: N
Groups this User Administrator can modify:
******************************** BOTTOM OF DATA *******************************
When you don't know the userid(s), the best way get a list of all users with to do this is via TPX batch extract and reporting.
Users have administrative authority when the values of these UINDEX variables are set to "Y":
- UIDXCMST - Master Administrator
- UIDXCSYS - System Administrator
- UIDXCOPR - Operator Administrator
- UIDXCADM - User Administrator
EXAMPLE 1: Selecting on a single type of administrator authority
Here's a sample extract and report showing all admin authority for users that have master administrator authority. It also shows the other levels of authority these users have been granted.
//BATCHADM EXEC TPXPROC,VNODE='*BATCH*'
//EXTFILE DD UNIT=SYSDA,SPACE=(CYL,(1,1))
//RPTFILE DD SYSOUT=*
//*
//SYSIN DD *
C
C extract from USER records if user has Master Admin authority
C
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCMST(Y))
SET RTITLE1 ' ======== === ADMINISTRATOR AUTHORITY === '
SET RTITLE2 ' USERID MASTER SYSTEM OPER USER'
SET RTITLE3 ' ======== ====== ====== ==== ===='
REPORT GIVING(RPTFILE) USING (EXTFILE)
((' &UIDXNAME' ' &UIDXCMST' '&UIDXCSYS' '&UIDXCOPR'
'&UIDXCADM' ))
======== === ADMINISTRATOR AUTHORITY ===
USERID MASTER SYSTEM OPER USER
======== ====== ====== ==== ====
MASTADM Y Y Y Y
NVIADMIN Y Y Y Y
TPXADMIN Y Y Y Y
USER001 Y Y Y Y
USER003 Y Y Y Y
USER005 Y Y Y Y
XXMASTER Y N N Y
EXAMPLE 2: Selecting users with multiple types of administrator authority
To list users that have multiple administrator authority, you can code all the variables to check within one EXRACT statement. For example, to list users that are both a master administrator AND a system administrator)
//BATCHADM EXEC TPXPROC,VNODE='*BATCH*'
//EXTFILE DD UNIT=SYSDA,SPACE=(CYL,(1,1))
//RPTFILE DD SYSOUT=*
//*
//SYSIN DD *
C
C extract from USER records if user has Master AND System Admin
C
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCMST(Y) UIDXCSYS(Y))
SET RTITLE1 ' ======== === ADMINISTRATOR AUTHORITY === '
SET RTITLE2 ' USERID MASTER SYSTEM OPER USER'
SET RTITLE3 ' ======== ====== ====== ==== ===='
REPORT GIVING(RPTFILE) USING (EXTFILE)
((' &UIDXNAME' ' &UIDXCMST' '&UIDXCSYS' '&UIDXCOPR'
'&UIDXCADM' ))
======== === ADMINISTRATOR AUTHORITY ===
USERID MASTER SYSTEM OPER USER
======== ====== ====== ==== ====
MASTADM Y Y Y Y
NVIADMIN Y Y Y Y
TPXADMIN Y Y Y Y
USER001 Y Y Y Y
USER003 Y Y Y Y
USER005 Y Y Y Y
EXAMPLE 3: Selecting users with any type of administrator authority
If you need to list users that have any administrator authority, but not necessarily more than one type, you need to code "OR" processing. This is not feasible within one EXTRACT statement. To achieve this you must code multiple EXTRACT statements with DISP=MOD on the EXTRACT DD statement.
//BATCHADM EXEC TPXPROC,VNODE='*BATCH*'
//EXTFILE DD UNIT=SYSDA,SPACE=(CYL,(1,1))
//RPTFILE DD SYSOUT=*
//*
C extract from USER records if user has any Admin authority
C
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCMST(Y))
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCSYS(Y))
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCOPR(Y))
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCADM(Y))
SET RTITLE1 ' ======== === ADMINISTRATOR AUTHORITY === '
SET RTITLE2 ' USERID MASTER SYSTEM OPER USER'
SET RTITLE3 ' ======== ====== ====== ==== ===='
REPORT GIVING(RPTFILE) USING (EXTFILE)
((' &UIDXNAME' ' &UIDXCMST' '&UIDXCSYS' '&UIDXCOPR'
'&UIDXCADM' ))
======== === ADMINISTRATOR AUTHORITY ===
USERID MASTER SYSTEM OPER USER
======== ====== ====== ==== ====
MASTADM Y Y Y Y
NVIADMIN Y Y Y Y
TPXADMIN Y Y Y Y
USER001 Y Y Y Y
USER003 Y Y Y Y
USER005 Y Y Y Y
XXMASTER Y N N Y
MASTADM Y Y Y Y
NVIADMIN Y Y Y Y
TPXADMIN Y Y Y Y
USER001 Y Y Y Y
USER002 N Y Y Y
USER003 Y Y Y Y
USER005 Y Y Y Y
XXSYS N Y N Y
MASTADM Y Y Y Y
NVIADMIN Y Y Y Y
TPXADMIN Y Y Y Y
USER001 Y Y Y Y
USER002 N Y Y Y
USER003 Y Y Y Y
USER005 Y Y Y Y
XXOPER N N Y Y
MASTADM Y Y Y Y
NVIADMIN Y Y Y Y
TPXADMIN Y Y Y Y
USER001 Y Y Y Y
USER002 N Y Y Y
USER003 Y Y Y Y
USER004 N N N Y
USER005 Y Y Y Y
XXMASTER Y N N Y
XXOPER N N Y Y
XXSYS N Y N Y
XXUSER N N N Y
You will likely have noticed that userids have been repeated for each type of authority that they possess. To make this report more useful, this report output should be massaged to remove duplicate rows and present the userids in sorted order.
To remove duplicate rows, it will be necessary further process the report output to remove these duplicates. There are many variations on how this can be accomplished and this should be based upon the utilities available to you at your site. Here is just one way to accomplish this using CA-SORT:
- Step BATCHADM: The TPX batch job sends the RPTFILE to a catalogued dataset rather than SYSOUT.
- Step SORT1: The first sort step captures the title lines.
- Step SORT2: The second sort step skips the title lines, then sorts the remaining lines discarding any duplicate lines.
- Step REPORT: The last step concatenates the titles and condensed report into one SYSOUT file.
//BATCHADM EXEC TPXPROC,VNODE='*BATCH*'
//EXTFILE DD UNIT=SYSDA,SPACE=(CYL,(1,1))
//RPTFILE DD SYSOUT=*
//RPTFILE DD UNIT=SYSDA,SPACE=(CYL,(1,1)),DISP=(NEW,CATLG),
// DSN=userid.TPX.RPTFILE
//SYSIN DD *
C
C extract from USER records if user has any Admin authority
C
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCMST(Y))
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCSYS(Y))
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCOPR(Y))
EXTRACT GIVING(EXTFILE) USER AND NO SESSIONS (UIDXCADM(Y))
SET RTITLE1 ' ======== === ADMINISTRATOR AUTHORITY === '
SET RTITLE2 ' USERID MASTER SYSTEM OPER USER'
SET RTITLE3 ' ======== ====== ====== ==== ===='
REPORT GIVING(RPTFILE) USING (EXTFILE)
((' &UIDXNAME' ' &UIDXCMST' '&UIDXCSYS' '&UIDXCOPR'
'&UIDXCADM' ))
/*
//*********************************************************************/
//SORT1 EXEC PGM=SORT,REGION=1024K
//SYSOUT DD SYSOUT=*
//SYSUDUMP DD SYSOUT=A
//SYSPUNCH DD SYSOUT=B
//SYSPRINT DD SYSOUT=*
//SORTIN DD DSN=userid.TPX.RPTFILE,
// UNIT=SYSDA,
// DISP=SHR
//SORTOUT DD DSN=userid.TPX.RPTFILE.TITLES,
// UNIT=SYSDA,
// SPACE=(TRK,(1,1)),
// DISP=(NEW,CATLG)
//SYSIN DD *
SORT FIELDS=COPY,STOPAFT=3
/*
//*********************************************************************/
//SORT2 EXEC PGM=SORT,REGION=1024K
//SYSOUT DD SYSOUT=*
//SYSUDUMP DD SYSOUT=A
//SYSPUNCH DD SYSOUT=B
//SYSPRINT DD SYSOUT=*
//SORTIN DD DSN=userid.TPX.RPTFILE,
// UNIT=SYSDA,
// DISP=SHR
//SORTOUT DD DSN=userid.TPX.RPTFILE.BODY,
// UNIT=SYSDA,
// SPACE=(TRK,(1,1)),
// DISP=(NEW,CATLG)
//SYSIN DD *
SORT FIELDS=(1,40,AC,A),
SKIPREC=3,
FILSZ=50
SUM FIELDS=NONE
/*
//*********************************************************************/
//REPORT EXEC PGM=IEBGENER
//SYSPRINT DD SYSOUT=*
//SYSUT1 DD DISP=SHR,DSN=userid.TPX.RPTFILE.TITLES
// DD DISP=SHR,DSN=userid.TPX.RPTFILE.BODY
//SYSUT2 DD SYSOUT=*
//SYSUT3 DD UNIT=3390,SPACE=(CYL,(10))
//SYSUT4 DD UNIT=3390,SPACE=(CYL,(10))
//SYSIN DD *
GENERATE MAXFLDS=1
//
======== === ADMINISTRATOR AUTHORITY ===
USERID MASTER SYSTEM OPER USER
======== ====== ====== ==== ====
MASTADM Y Y Y Y
NVIADMIN Y Y Y Y
TPXADMIN Y Y Y Y
USER001 Y Y Y Y
USER002 N Y Y Y
USER003 Y Y Y Y
USER004 N N N Y
USER005 Y Y Y Y
XXMASTER Y N N Y
XXOPER N N Y Y
XXSYS N Y N Y
XXUSER N N N Y
Feedback
