Add IFS Exit Point Programs (ADDIFSEXTP)

The Add IFS Exit Point Programs (ADDIFSEXTP) command will add the exit programs for the QIBM_QP0L_SCAN_CLOSE, QIBM_QP0L_SCAN_OPEN and QIBM_QPWFS_FILE_SERV exit points. These programs will capture IFS-related events in order to encrypt/decrypt the files as needed.

This command requires that you have *ALLOBJ (all object) and *SECADM (security administrator) special authorities to add exit programs to the registration facility.

The following users can use this command:

• QSECOFR user profile (unless excluded in the Key Officer settings)
• A user profile with *SECADM authority (unless excluded in the Key Officer settings)
• A Key Officer who has a *YES specified for the "Maintain IFS Enc. Registry" authority setting

How to Get There

From the IFS Utility Menu, choose option 3, Add IFS Exit Point Programs. Or, prompt (F4) the command CRYPTO/ADDIFSEXTP.

Options

User profile (USRPRF)

The user profile under which the QIBM_QP0L_SCAN_CLOSE and QIBM_QP0L_SCAN_OPEN exit programs will be called.

This user profile should have the following authorities.

• *USE authority to the exit program CRRP041, located in the CRYPTO library.
• *EXECUTE authority to the CRYPTO library.
• *ALL authority to the Directory(s) to encrypt and all the files in the directory(s).
• *ALL authority to the Directory(s) that hold the encrypted files and the files in the directory(s).
• *CHANGE authority to the files CRPFIFS, CRPFIFSL1, CRPFIFSL2, CRPFIFSL3, CRPFIFSL4, CRPFIFS2, CRPFIFSLOG Files which are located in the CRYPTO library.
• *CHANGE authority to the data areas CRDEBUG, CRLSTSEQ and CRSRVRUN, which are located in the CRYPTO library.
• *Use Authority to the CRJNI001 Journal and all Journal Receivers, which are located in the CRYPTO library.

If the user profile is not valid or accessible at the time the exit program is called, the action on the IFS file will be ignored, which may cause the file to NOT be encrypted or decrypted at the appropriate time.

The possible values are: