List the references to and from a user, group, class, or resource.
Security objects (users, groups, classes, and resources) refer to one another in various ways. A user may refer to a default group, and be referred to by groups as a member of those groups. A user may also be referred to by access control entries (ACEs) in resource rules. Groups refer to users and may be referred to by users and resources. Resources refer to users and groups and are referred to by the class they belong to. Classes refer to the resources they contain.
Often administrators need to understand these relationships, for example to find out what explicit permissions a group has been granted, or to ensure a user has been removed from all groups before deleting that user. The LISTREFERENCES command can be used to discover them.
Each reference is listed with three attributes: its name, its type (user, group, etc), and a comment indicating how it is related to the object being queried.
For listing a user's references:
For listing a group's references:
For listing a class's references:
For listing a resource's references:
ESF EM 1000 I ESM1: MLDAP ESM initialized ESF MI 200 I Loaded module mldap_esm for ESM (1) "mldap_esm": MLDAP ESM version 2.0.2 ESF PI 101 I External Security Manager version 2.1.0 initialized LIST Command results: List 1 contains 6 items. NAME=CICSUSER TYPE=USER COMMENT=The user itself NAME=ALLUSER TYPE=GROUP COMMENT=User's default group NAME=ALLUSER TYPE=GROUP COMMENT=Explicit group member NAME=DEVGROUP TYPE=GROUP COMMENT=Explicit group member NAME=* TYPE=RESOURCE COMMENT=Class TCICSTRN, ACE allow:CICSUSER:read ESF EM 1002 I ESM1: MLDAP ESM exiting Command processing completed successfully
The list output shows the following references: the CICSUSER object itself, its default group, the groups it is an explicit member of, and a resource that has an ACL that names the user specifically.