Work with Operators for Authority on Demand

In addition to the standard iSecurity definition of operators (as shown in the iSecurity Installation & Base Support Manual), Authority on Demand uses specific definitions, primarily related to emergency rules (as shown in Emergency Rules).

To establish these definitions, select 12. Work with AOD, P-R Operators in the BASE Support menu (STRAOD> 89 > 12). The Work with Operators screen appears.

​                           ​ Work with Operators​                                                                                                                   ​ Type options, press Enter.                 ​                                       ​ 1=Select   4=Delete​  ​ Authority level: 1=*USE​ ​ 9=*FULL​                                                                                                         ​ Opt​ User​         ​ System​   ​ AOD​ ​ P-R​ ​ MFA​ ​ Adm​                                  ​ ​  ​ ​ *AUD#SECAD​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ ADAM      ​   ​ RLDEV   ​  ​ 4​   ​  ​   ​  ​   ​ 9​                                    ​  ​ ​ AMNON     ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ CS        ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ OD        ​   ​ RLDEV   ​  ​ 9​   ​ 5​   ​ 9​   ​ 9​                                    ​  ​ ​ QSECOFR   ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ TEST      ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​  ​   ​  ​                                    ​  ​ ​ TEVG      ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                    ​  ​ ​ VV1       ​   ​ RLDEV   ​  ​ 9​   ​ 9​   ​ 9​   ​ 9​                                                                                                                                                                                                                                                                                                                                                        ​       Bottom​  ​ AOD=Authority on Demand​  ​ PR=Password Reset​   ​ MFA=Multi Factor Authentication​                                                 ​ Adm=Administrator​                ​ F3=Exit    F6=Add new​   ​ F8=Print​  ​ F11=*SECADM/*AUDIT authority​  ​ F12=Cancel​                                                                                    ​                                                                                 ​

The body of the screen contains lines that show users on specific systems (or *ALL) and their authority levels for various programs, including, in the AOD column, Authority on Demand.

To view and modify these authorities, enter 1 in the Opt column of that line. The Modify Operator screen appears.

​                                ​ Modify Operator​                                                                                                                  ​ Type choices, press Enter.                                                    ​                                                                                   ​ Operator  . . . . . . . . . .​  ​ *AUD#SECAD​                                      ​ System  . . . . . . . . . . .​  ​ RLDEV   ​       ​ *ALL, Name          ​            ​ Operator password . . . . . .​  ​ *SAME     ​     ​ Name, *SAME, *BLANK​                                                                                              ​ Authorities by subject:​                                                         ​ Authority on Demand . . . . .​  ​ 9​              ​ 1=*USE, 4=Limited *EMERGENCY​                                                    ​ 5=*EMERGENCY, 8=Limited *FULL​                                                   ​ 9=*FULL​                         ​ Password Reset  . . . . . . .​  ​ 9​              ​ 1=*USE, 5=*WEAK, 9=*FULL ​       ​ Multi Factor Authentication .​  ​ 9​              ​ 1=*USE, 9=*FULL          ​       ​ Product Administrator . . . .​  ​ 9​              ​ 1=*USE, 9=*FULL​                                                                                                  ​ Note: Emergency operator can enable or modify emergency rules. This allows  ​          ​ solving of critical problems without the intervention of the security ​          ​ administrator.                                                        ​    ​      ​ The term Limited denotes that the user cannot change PIN codes.​                                                                                            ​ F3=Exit​   ​ F12=Cancel​                                                                                                                                            ​                                                                                 ​

The Authority on Demand field contains a numeric value representing these sets of authorities:

• 1: *USE Can use rules but not change them.
• 4: Limited *EMERGENCY Can modify emergency rules, but cannot change their PIN codes.
• 5: *EMERGENCY Can modify emergency rules, including their PIN codes.
• 8: Limited *FULL Can modify all rules, but cannot change their PIN codes.
• 9: *FULL Can modify all rules, but cannot change their PIN codes.