Change Location Rule

How to Get There

On the Work with Security by Location panel, enter option 2 next to a location rule.

What it Does

The Change Location Rule panel allows you to modify a Location Rule's attributes.

Field Descriptions

System

System indicates the target of any operations you perform. When you add rules, for example, those rules will be sent to, and will affect processing on, the System named.

Location

Location represents the source of a transaction. Location can hold an IP Address, a Location Group, or the name of an SNA Communications Device.

The special value *ALL, when used on a rule, means that the rule applies to any Location lacking a specific rule. When used as a subset or selection parameter, *ALL generally means to select all such rules for display or printing.

Server

A Server in Powertech Exit Point Manager for IBM i is a controlled entry point into your system. These entry points are determined and defined by IBM. Powertech Exit Point Manager for IBM i has assigned easy-to-remember names to these controlled entry points.

Function

A Function, or Server Function, in Powertech Exit Point Manager for IBM i represents a class of operations that a given Server may perform. For example, the *SIGNON Server classifies its operations as those pertaining to changing passwords, generating authentication tokens, and retrieving signon information. Powertech Exit Point Manager for IBM i has assigned easy-to-remember names to these Functions, such as CHGPWD, GENAUTTKN and RETRIEVE.

Authority

The authority assigned to the location for this server/function. If authority is left blank, Powertech Exit Point Manager for IBM i will remove the location's entry.

The possible values are:

*USER Powertech Exit Point Manager for IBM i will check server user authority. When *USER is selected for a Location rule, the Audit, Message and Capture flags are always set to Inherit (*). Flags defer to the User Rule that applies to the transaction's incoming user profile.

*ALLOW Powertech Exit Point Manager for IBM i will use normal system authority for the location.

*REJECT Powertech Exit Point Manager for IBM i will reject requests for the specified location.

*SWITCH Powertech Exit Point Manager for IBM i will use the authority of the switch profile for the specified location. A switch profile entry is required.

*MEMUSR Check Memorized Transactions (MTR) for authority. If no MTR authority is found, Exit Point Manager will check server user authority. This is only valid for location.

*MEMALLOW Check Memorized Transactions (MTR) for authority. If no MTR authority is found, Powertech Exit Point Manager for IBM i will use normal system authority for the location.

*MEMREJECT Check Memorized Transactions (MTR) for authority. If no MTR authority is found, Powertech Exit Point Manager for IBM i will reject requests for the specified location.

*MEMSWITCH Check Memorized Transactions (MTR) for authority. If no MTR authority is found, Powertech Exit Point Manager for IBM i will use the authority of the switch profile for the specified location. A switch profile entry is required.

*MEMOBJ Check Memorized Transactions (MTR) for authority. If no MTR authority is found, check Object Rules for authority. If no Object Rule authority is found, Exit Point Manager will use normal allow authority for the location.

*SRVFCN Powertech Exit Point Manager for IBM i will use the authority defined for the server/function.

Switch Profile

The Switch profile entry holds the name of a user profile whose authority is used to process the transaction instead of the authority of the User initiating the transaction. The transaction is executed as, and uses the authority of, this Switch profile. The job that processes the transaction continues to run under this switch profile until Exit Point Manager processes another transaction request for that job.

Switch profile is allowed only when Authority contains *SWITCH or *MEMSWITCH, if *MEMSWITCH is allowed. Otherwise, it must contain *NONE.

Audit

The Audit flag controls the logging of transactions to the Log Journal set up on the Work with Powertech Exit Point Manager for IBM i System Values panel.

The valid values are:

* Uses the value found in the rule above this one in the rule hierarchy.

Y Logs all requests when this rule is enforced.

N Logs only access failures (rejects) for this rule.

Message

The Message flag controls the sending of messages to the Log Message Queue set up on the Work with Powertech Exit Point Manager for IBM i System Values panel.

The valid values are:

* Uses the value found in the rule above this one in the rule hierarchy.

Y Sends a message when this rule is enforced.

N Does not send a message when this rule is enforced.

Capture

The Capture flag controls whether transactions are remembered in Powertech Exit Point Manager for IBM i for later memorization. Once captured, transactions can become Memorized Transactions, which can act as rules.

The valid values are:

* Uses the value found in the rule above this one in the rule hierarchy.

Y Captures the transaction when this rule is enforced.

N Does not capture the transaction when this rule is enforced.

Command Keys

F3 (Exit): Exit the panel without processing any pending changes.

F4 (Prompt): Displays a list of possible values.

F12 (Cancel): Exit the panel without processing any pending changes.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
8.01 | 202306130759 | June 2023