Re-validation reporting with CARLa

This CARLa program shows you how to produce a report of who has a RACF system-wide SPECIAL, OPERATIONS, or AUDITOR attribute. The purpose of the report is to enable security managers to revalidate these attributes to ensure that they are assigned to only the appropriate functionaries. This CARLa program generates the required report in XML format. In addition, the generated report is directly emailed to the interested parties.

In this particular CARLa program, a BOOLEAN attribute is used. A BOOLEAN is a flip switch attribute that contains only a value of YES (when TRUE) or NO (when FALSE). In this example, if the pertinent user ID did not access the system for at least 300 days, the pertinent user ID is reported as “Unused”. In addition, the output modifier “hb” is used, which is the abbreviation for the “hdr$blank” format. This format prints the header when the corresponding BOOLEAN is true or blanks if it is false. For example, CARLa code revoke('Revoked',7,hb)results in printing “Revoked” when the user ID is revoked or blanks when the user ID is not revoked.

CARLa program example:

Sample output:

When opening the attached file with MS Excel it looks like:

 

Exercise:

 

  1. The report shown previously must be adjusted to include an additional column called “Business justification”. This column allows the manager that conducts the revalidation to specify why the user ID must retain the system-wide attribute.Please add this new field to the CARLa program and then run it to produce the required output. Do not forget to adjust the “mailto=” statement to that of your own email address.
     
  2. When the report is successfully emailed to your mailbox, open the attachment that contains the report. Then, “right click” the attachment to open it as an MS Excel spreadsheet. Save the report and then email it to yourself containing a “Business justification” to retain the system-wide attribute that is assigned your training user ID!

 

 

View Suggested samples and answers

 

Continue with Using an external file as input

 

© Copyright IBM Corp. 2012, 2020

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.