The following are the field and record definitions for the data files used in the VSAM
ESM file directory, and their corresponding YAML configuration names.
Users.dat
| Data File Attribute Name
|
YAML Configuration Equivalent
|
Character Limit
|
Integer Digit Limit
|
Notes
|
| user-name
|
UserId
|
8
|
N/A
|
|
| long-name
|
AltId
|
100
|
N/A
|
|
| user-allowed-logon
|
AllowLogon
|
1
|
N/A
|
Single character Y or N boolean flag.
|
| user-description
|
Description
|
100
|
N/A
|
|
| user-custom-text
|
CustomText
|
100
|
N/A
|
|
| user-expire-date
|
ExpirationDate
|
17
|
N/A
|
ISO8601 date-time string
|
| user-default-group
|
DefaultGroup
|
8
|
N/A
|
|
| user-password
|
Verifier
|
108
|
N/A
|
|
| user-password-expire-date
|
ExpirationDate
|
17
|
N/A
|
ISO8601 date-time string
|
| user-password-change
|
MustChange
|
1
|
N/A
|
Single character Y or N boolean flag.
|
| user-create-token
|
CreateToken
|
4
|
N/A
|
|
| user-use-token
|
UseToken
|
4
|
N/A
|
|
| user-last-logon-time
|
LastLoginTime
|
17
|
N/A
|
ISO8601 date-time string
|
| user-logon-attempts
|
LoginAttempts
|
N/A
|
4
|
|
| user-audit
|
Audit
|
1
|
N/A
|
Single character Y or N boolean flag.
|
| user-mto-priority
|
Priority
|
N/A
|
4
|
|
| user-mto-timeout
|
Timeout
|
N/A
|
4
|
|
| user-mto-operator-class
|
OperatorClass
|
N/A
|
4
|
|
| user-mto-operator-id
|
OperatorID
|
3
|
N/A
|
|
| user-mto-group-prefix
|
GroupPrefix
|
8
|
N/A
|
|
PasswordHistories.dat
| Data File Attribute Name
|
YAML Configuration Equivalent
|
Character Limit
|
Integer Digit Limit
|
Notes
|
| user-id
|
UserId
|
8
|
N/A
|
|
| password-history-value
|
An element in the History sequence
|
126
|
N/A
|
|
Groups.dat
| Data File Attribute Name
|
YAML Configuration Equivalent
|
Character Limit
|
Integer Digit Limit
|
Notes
|
| group-name
|
GroupId
|
8
|
N/A
|
|
| group-description
|
Description
|
100
|
N/A
|
|
| group-custom-text
|
CustomText
|
100
|
N/A
|
|
| group-audit
|
Audit
|
1
|
N/A
|
Single character Y or N boolean flag.
|
Memberships.dat
| Data File Attribute Name
|
YAML Configuration Equivalent
|
Character Limit
|
Integer Digit Limit
|
Notes
|
| membership-group-id
|
GroupId
|
8
|
N/A
|
|
| membership-member-id
|
An element in the Member sequence
|
8
|
N/A
|
|
| membership-group-ind
|
CustomText
|
1
|
N/A
|
Single character Y if the member id corresponds to a group, OR N if the member id corresponds to a user.
|
Classes.dat
| Data File Attribute Name
|
YAML Configuration Equivalent
|
Character Limit
|
Integer Digit Limit
|
Notes
|
| class-name
|
ClassID
|
44
|
N/A
|
|
| class-description
|
Description
|
100
|
N/A
|
|
| class-custom-text
|
CustomText
|
100
|
N/A
|
|
Rules.dat
| Data File Attribute Name
|
YAML Configuration Equivalent
|
Character Limit
|
Integer Digit Limit
|
Notes
|
| resource-name
|
RuleID
|
1000
|
N/A
|
|
| resource-description
|
Description
|
100
|
N/A
|
|
| resource-custom-text
|
CustomText
|
100
|
N/A
|
|
| resource-audit
|
Audit
|
1
|
N/A
|
Single character Y or N boolean flag.
|
ACEs.dat
| Data File Attribute Name
|
YAML Configuration Equivalent
|
Character Limit
|
Integer Digit Limit
|
Notes
|
| ace-id
|
N/A
|
N/A
|
8
|
Not end user defined.
|
| resource-id
|
RuleID
|
8
|
N/A
|
|
| actor-name
|
substring of an entry in ACEs sequence
|
8
|
N/A
|
Single character Y or N boolean flag.
|
| ace-group-ind
|
substring of an entry in ACEs sequence
|
1
|
N/A
|
Single character Y or N boolean flag.
|
| ace-type
|
substring of an entry in ACEs sequence
|
5
|
N/A
|
Either ALLOW or DENY .
|
| ace-perm
|
substring of an entry in ACEs sequence
|
80
|
N/A
|
|
Security Data files can be edited with
Micro Focus Data File Tools. See the file definitions below:
Note: The level-88 items specify valid values for some fields.
fd users.
01 user-rec. *>502
05 user-name pic x(8).
05 long-name pic x(100).
05 user-allowed-logon pic x.
88 is-allowed-logon value "Y" false "N".
05 user-description pic x(100).
05 user-custom-text pic x(100).
05 user-expire-date pic x(17).
05 user-default-group pic x(8).
05 user-password pic x(108).
05 user-password-expire-date pic x(17).
05 user-password-change pic x.
88 is-password-change-required value "Y" false "N".
05 user-last-password-change-time pic x(17).
05 user-create-token pic x(4).
05 user-use-token pic x(4).
05 user-last-logon-time pic x(17).
05 user-logon-attempts pic x(4) comp-x.
05 user-audit pic x.
88 is-audit value "Y" false "N".
05 user-mto-priority pic x(4) comp-x.
05 user-mto-timeout pic x(4) comp-x.
05 user-mto-operator-class pic x(4) comp-x.
05 user-mto-operator-id pic x(3).
05 user-mto-group-prefix pic x(8).
fd password-historys.
01 password-history-rec.
05 password-history-key.
10 password-history-value pic x(126).
10 user-id pic x(8).
fd groups.
01 group-rec.
05 group-name pic x(8).
05 group-description pic x(100).
05 group-custom-text pic x(100).
05 group-audit pic x.
88 is-audit value "Y" false "N".
fd memberships.
01 membership-rec.
05 membership-key.
10 membership-group-id pic x(8).
10 membership-member-id pic x(8).
10 membership-group-ind pic x.
88 is-group value "Y".
fd classes.
01 class-rec.
05 class-name pic x(44).
05 class-description pic x(100).
05 class-custom-text pic x(100).
fd resources.
01 resource-rec.
05 resource-name pic x(1000).
05 resource-description pic x(100).
05 resource-custom-text pic x(100).
05 resource-audit pic x.
88 is-audit value "Y" false "N".
fd aces.
01 ace-rec.
05 ace-id pic x(8) comp-x.
05 resource-id pic x(1000).
05 ace-actor.
10 actor-name pic x(8).
10 ace-group-ind pic x.
88 is-group value "Y" false "N".
05 ace-type pic x(5).
88 is-allow value "ALLOW" false "DENY ".
05 ace-perm pic x(80).