The DELETE subcommand lets users with the account privilege delete logonid records.
The DELETE subcommand lets users with the account privilege delete logonid records. By default, this subcommand also deletes any access rule set whose key matches any deleted logonid record.
DELETE * LOGONID LIKE(LIDMASK) UID(UIDMASK) IF(FIELD, ...,FIELDN) NORULE TARGET(NULL/=/?/NODEMASK1, ...,NODEMASKN) NOSIGNAL ARCHIVE INTO(dsname(member)
Example: Delete logonids with a specific privilege
A logonid with the CONSULT privilege is known as a consultant. Logonids with the CONSULT privilege have powerful privileges such as viewing the
CA ACF2databases. As a security administrator, your organization requires you to delete consultant logonids when the consultant is no longer employed. Delete all logonids with the CONSULT privilege:
The following prompt displays:DELETE IF (consult)
Type "Y" to DELETE.ACF67046 MULTIPLE RECORDS IN LID MODE MAY BE DELETED. ENTER Y TO DELETE OR N TO CANCEL
In this example, three logonids with the CONSULT privilege were deleted.ACF60013 3 LOGONID(S) DELETED
- ASTERISK ( *)Specifies that you want to delete the last logonid record that you referenced in your current TSO session. You cannot delete your own logonid.
- LOGONIDA one to eight-character name of the logonid record you want to delete.
- LIKE (LOGONID-MASK)A one to eight-character name of the logonid or a group of logonid records that match the mask you want to delete.
- UID (UIDMASK)Specifies that you want to delete a group of logonid records whose UIDs match the mask.
- IF (FIELD1, FIELD2 ...FIELDN)Specifies that you want to delete a group of logonid records with the specified fields. You can specify up to 16 Fields.
- NORULESpecifies that you want to delete the logonid record, but not the access rules whose high-level qualifier matches the logonid. By default,CA ACF2deletes these rules whenever you delete a logonid.
- TARGET (null/=/?/NODEMASK1, ..., NODEMASKN)Specifies that you want to process logonid records or user profile records for a target node or group nodes.
- RULE (RULEID)Specifies the index of the access rule set to be deleted.
- NOSIGNALSpecifies that no ENF 71 signal is emitted when NOSIGNAL is in effect. An ENF 71 signal provides notification about the change to the user's security record. Applications that receive the signal can take action.
- ARCHIVEActivates building the commands that are used to recreate a user. Also, re-adds a user to any role where they are included.
- INTO (DSNAME(MEMBER))Specifies a specific dataset name and member that would be used to store the output of the archive. Required when archive is specified on a delete command.