Authorization for VMSCHED QUERY  ( USER *   

Document ID : KB000128957
Last Modified Date : 07/03/2019
Show Technical Document Details
Issue:
What authorization do we need to give a user so they can issue VMSCHED QUERY  ( USER *   
 
Resolution:
If you don't have the authorization to QUERY, VM:Schedule responds with: 

vmsched query (user * 
VMDQRY0207E Authorization is required to perform a QUERY on multiple userids. 
Ready(00024); 


The PRODUCT VMSECURE record factors into this as well. 


As documented in VM:Secure's doc under Controlling VM:Schedule Commands: 

Use the VM:Schedule interface to VM:Secure to control the CANCEL, QUERY, and SCHEDULE commands. When this interface is in place, VM:Schedule first determines whether the user has VM:Schedule NOPASS authorization. If not, the rules database is searched for an applicable rule. 

To simplify and not have to define a VM:Secure Rule, give the user OPERATOR and NOPASS authorizations as shown here: 

AUTHORIZ NOPASS newuser 

AUTHORIZ OPERATOR newuser 


which are AUTHORIZ records in the VMSCHED CONFIG file. 

Also make sure you have a PRODUCT VMSECURE VMSECURE record in the VMSCHED CONFIG. 


 
 
Additional Information:
If your preference however is to do this using VM:Secure Rules, review this section in the VM:Secure doc for additional information; 

https://docops.ca.com/ca-vm-secure/3-1/en/rules-facility/security-with-the-rules-facility/controlling-ca-vm-schedule-commands 

Use the VM:Schedule interface to VM:Secure to control the CANCEL, QUERY, and SCHEDULE commands. When this interface is in place, VM:Schedule first determines whether the user has VM:Schedule NOPASS authorization. If not, the rules database is searched for an applicable rule. 

If a pertinent rule is not found, VM:Schedule prompts users for the logon password of the user ID that will own the job. If users are scheduling a job for their own user ID, they are prompted for their logon password (unless they have VM:Schedule SKIPPASS authorization). 

* Note that VM:Schedule security is available if rules are not found. For that reason, you want to maintain your current VM:Schedule SKIPPASS and NOPASS authorizations.