HP 3000 Manuals HP 3000 Manuals
Phase B. Making Databases and Files Available for Read Access If PC users need to access data sources in a group and account other than the one they're logged on to, those databases or files need to have been "released," or you can open MPE group and account security. Refer to these MPE commands: RELEASE, ALTGROUP, ALTACCT, ALTSEC, and to the DBUTIL utility's RELEASE command.
NOTE You must also release data sources for remote data sources residing in an account other than the one specified in the logon defined for the remote system. You can, however, maintain remote data source security by first configuring the same Node several times with different Remote System names and different logons, then configuring your remote data sources using the Remote System name which logs on to the account it resides in.
Releasing Databases The two ways you can release data sources are discussed fully in Chapter 2, "Getting Started," in the Information Access Server: Database Administration manual. You can do either of the following: * Use the ALTGROUP and ALTACCT commands to allow all MPE users access to the groups where the data sources reside, or use the RELEASE command on individual files. If security has been set at the file level, you may also need to use ALTSEC. or * For IMAGE databases, use the RELEASE command in DBUTIL.PUB.SYS to suspend MPE security on the data sources. To use this option, you need to be the creator of the data source and you need to be logged on to the group and account where the data source resides. Whichever option you choose, you should also use the SET command in DBUTIL.PUB.SYS to add a maintenance word to the released databases. This will prevent unauthorized users from breaching data security by doing a DBSTORE or DBUNLOAD on the databases. For the first option, consult your System Manager. For the second option, and for details on the SET command, see the TurboIMAGE Database Management Systems Reference Manual. Releasing Files To temporarily suspend security provisions for files at all levels (file, group, and account), use the MPE command RELEASE filename. The suspension is valid after a job termination or a system failure followed by a coldload or reload, unless the system is reloaded from a tape created before the release was entered. The command does not affect the file's lockword, if any. The suspension remains in effect until a SECURE filename command is entered.