Users logged into the sys group on the master domain manager

user masterop cpu=$master + group=sys

###########################################################
# APPLIES TO USERS LOGGED INTO THE SYS GROUP ON THE
# MASTER DOMAIN MANAGER.
user masterop  cpu=$master + group=sys
begin
#  OBJECT     ATTRIBUTES       ACCESS CAPABILITIES
# ----------  ------------     ----------------------
job           cpu=@ + logon="TWS_domain\TWS_user"
                   + folder = /  access=@
job           cpu=@ + logon=root  + folder = /
                                  + cpufolder = /
                                 access=adddep,altpri,cancel,confirm,
                                 deldep,release,reply,rerun,submit,use
job           cpu=@ + logon=@ ~ logon=root  + folder = /
                                  + cpufolder = /
                                 access=add,adddep,altpri,cancel,confirm,deldep,
                                 release,reply,rerun,submit,use
schedule      cpu=$thiscpu   + folder = /  + cpufolder = /  access=@
schedule      cpu=@   + folder = /  + cpufolder = /
                                     access=adddep,altpri,cancel,
                                     deldep,limit,release,submit
resource      + folder = /      access=add,display,resource,use
file          name=globalopts   access=display
file          name=prodsked     access=display
file          name=symphony     access=display
file          name=trialsked    access=build, display
calendar      + folder = /                  access=display,use
cpu           cpu=@     + folder = /         access=@
parameter     name=@ ~ name=r@  + folder = /  access=@
report        name=RUNHIST,RUNSTATS  access=display
wkldappl      name=@   + folder = /         access=add,delete,display,modify,list,unlock
lob           name=@            access=use
folder        name=/            access=@
end
This user definition applies to users logged into the sys group on the master domain manager. They are given a unique set of access capabilities. Multiple object statements are used to give these users specific types of access to different sets of objects. For example, there are three job statements:
  • The first job statement permits unrestricted access to jobs that run on any workstation (@) under the user's name (TWS_domain\TWS_user).
  • The second job statement permits specific types of access to jobs that run on any workstation and that run as root.
  • The third job statement permits specific types of access to jobs that run on any workstation. Jobs that run as root are excluded.
They are the only users defined on the master domain manager, different from maestro or root, who can generate trial and forecast plans.