Need a query to list all persons with $DD-ADM profile

search cancel

Need a query to list all persons with $DD-ADM profile

book

Article ID: 40562

calendar_today

Updated On:

Products

Datacom DATACOM - AD Datacom/AD Datacom/DB

Issue/Introduction

I've been asked by auditors to provide a "system generated list" (ie, a query) of all users with administrative access.

I know people with administrative access have the $DD-ADM profile.

Can you help me with a DataQuery query or some command that will list PERSONS with the $DD-ADM profile.

Resolution

See below two ways to get the result via Data Query or DDUTILTY:

The following Data Query SYSIN should do it:
Continuation "+" in column 72
----+----1----+----2----+----3----+----4----+----5----+----6----+----7--
//SYSIN DD *
SIGN-ON DATACOM-INSTALL PASSWORD NEWUSER
OPTION QUERYLANG=DQL
FIND RELATIONSHIP RELATED BY SUBJ-OCC-NAME VIA ENTITY-NAME TO PERSON +
WITH PERSON.ENTITY-VER = RELATIONSHIP.SUBJ-VRS-NUM +
AND PERSON.STATUS NOT = 'H' +
AND RELATIONSHIP.ENTITY-NAME = 'PER-ATZ-AUTH' +
AND RELATIONSHIP.OBJ-OCC-NAME = '$DD-ADM' +
SORT RELATIONSHIP SUBJ-OCC-NAME OBJ-OCC-NAME +
PRINT FROM RELATIONSHIP SUBJ-OCC-NAME 'USER NAME' +
OBJ-OCC-NAME 'AUTHORIZATION'
EXECUTE *

or

The following DDUTILTY SYSIN should do it as well:

//SYSIN DD *
+USR DATACOM-INSTALL,NEWUSER
-DEF PATH,PERATZ
-DEF TRACE,AUTHORIZATION.PERSON,PER-ATZ-AUTH
-END
-RPT START,AUTHORIZATION,$DD-ADM(PROD,PRIV),PERATZ
-RPT INDEX
-END
/*

Feedback

thumb_up Yes

thumb_down No