Save Security Data (SAVSECDTA)
Where allowed to run: All environments (*ALL)
Threadsafe: NoParameters
Examples
Error messagesThe Save Security Data (SAVSECDTA) command saves all security information without requiring a system in a restricted state. The SAVSECDTA command saves the same security information that is saved when a Save System (SAVSYS) command is run including the following:
- User Profiles
- Authorization Lists
- Authority Holders
Information saved with the SAVSYS or SAVSECDTA command can be restored using the Restore User Profiles (RSTUSRPRF) and Restore Authority (RSTAUT) commands.
Restrictions:
- You must have save system (*SAVSYS) special authority to run this command.
- Changes made to user profiles while the SAVSECDTA command is being run may not be reflected on the media, depending on when the changes occurred in relation to the save operation.
- Concurrent running of other SAVSECDTA commands is not allowed.
- If *YES is specified for the Object pre-check (PRECHK) parameter and a security object cannot be saved, the save operation ends.
Top
Parameters
Keyword Description Choices Notes DEV Device Single values: *SAVF
Other values (up to 4 repetitions): NameRequired, Positional 1 VOL Volume identifier Single values: *MOUNTED
Other values (up to 75 repetitions): Character valueOptional SEQNBR Sequence number 1-16777215, *END Optional EXPDATE File expiration date Date, *PERM Optional ENDOPT End of media option *REWIND, *LEAVE, *UNLOAD Optional USEOPTBLK Use optimum block *YES, *NO Optional SAVF Save file Qualified object name Optional Qualifier 1: Save file Name Qualifier 2: Library Name, *LIBL, *CURLIB OPTFILE Optical file Path name, * Optional ASPDEV ASP device Name, *ALLAVL, *, *SYSBAS, *CURASPGRP Optional CLEAR Clear *NONE, *ALL, *AFTER, *REPLACE Optional PRECHK Object pre-check *NO, *YES Optional DTACPR Data compression *DEV, *NO, *YES, *LOW, *MEDIUM, *HIGH Optional COMPACT Data compaction *DEV, *NO Optional OUTPUT Output *NONE, *PRINT, *OUTFILE Optional OUTFILE File to receive output Qualified object name Optional Qualifier 1: File to receive output Name Qualifier 2: Library Name, *LIBL, *CURLIB OUTMBR Output member options Element list Optional Element 1: Member to receive output Name, *FIRST Element 2: Replace or add records *REPLACE, *ADD
Top
Device (DEV)
Specifies the name of the device used for the save operation. The device name must already be known on the system by a device description.
This is a required parameter.
Single values
- *SAVF
- The save operation is done using the save file specified for the Save file (SAVF) parameter.
Other values
- optical-device-name
- Specify the name of the optical device used for the save operation.
- tape-media-library-device-name
- Specify the name of the tape media library device used for the save operation.
- tape-device-name
- Specify the names of one or more tape devices used for the save operation. If a virtual tape device is used, it must be the only device specified. If multiple tape devices are used, they must have compatible media formats and their names must be specified in the order in which they are used. Using more than one tape device permits one tape volume to be rewound and unloaded while another tape device processes the next tape volume.
Top
Volume identifier (VOL)
Specifies the volume identifiers of the volumes, or the cartridge identifiers of tapes in a tape media library device, on which the data is saved. The volumes must be placed in the device in the same order as specified for this parameter.
Single values
- *MOUNTED
- The data is saved on the volumes placed in the device. For a media library device, the volume to be used is the next cartridge in the category mounted by the Set Tape Category (SETTAPCGY) command.
This value cannot be specified when using an optical media library device.
Other values (up to 75 repetitions)
- character-value
- Specify the identifiers of one or more volumes in the order in which they are placed in a device and used to save the data.
Top
Sequence number (SEQNBR)
Specifies, when tape is used, the sequence number to use as the starting point for the save operation.
- *END
- The save operation begins after the last sequence number on the first tape. If the first tape is full, an error message is issued and the operation ends.
- 1-16777215
- Specify the sequence number of the file to be used for the save operation.
Top
File expiration date (EXPDATE)
Specifies the expiration date of the file created by the save operation. If a date is specified, the file is protected and cannot be overwritten until the specified expiration date.
Notes:
- This parameter is valid for tape and optical files.
- Specifying this parameter does not protect against a later save operation specifying CLEAR(*ALL).
- *PERM
- The file is protected permanently.
- date
- Specify the date when protection for the file ends.
Top
End of media option (ENDOPT)
Specifies the operation that is automatically done on the tape or optical volume after the save operation ends. If more than one volume is used, this parameter applies only to the last volume used; all other volumes are unloaded when the end of the volume is reached.
This parameter is valid only if a tape or optical device name is specified for the DEV parameter. For optical devices, *UNLOAD is the only special value supported, *REWIND and *LEAVE will be ignored.
- *REWIND
- The tape is automatically rewound, but not unloaded, after the operation has ended.
- *LEAVE
- The tape does not rewind or unload after the operation ends. It remains at the current position on the tape drive.
- *UNLOAD
- The tape is automatically rewound and unloaded after the operation ends. Some optical devices will eject the volume after the operation ends.
Top
Use optimum block (USEOPTBLK)
Specifies whether or not the optimum block size is used for the save operation.
Specifying USEOPTBLK(*YES) may result in a tape that can be duplicated only to a device that supports the same block size.
- *YES
- The optimum block size supported by the device is used for Save commands. If the block size that is used is larger than a block size that is supported by all device types, then:
- Performance may improve.
- The tape file that is created is only compatible with a device that supports the block size used. Commands such as Duplicate Tape (DUPTAP) do not duplicate files unless the files are being duplicated to a device which supports the same block size that was used.
- The value for the DTACPR parameter is ignored.
- *NO
- The optimum block size supported by the device is not used. Save commands use the default block size supported by all device types. The tape volume can be duplicated to any media format using the Duplicate Tape (DUPTAP) command.
Top
Save file (SAVF)
Specifies the save file that is used to contain the saved data. The save file must be empty, unless *ALL is specified for the Clear (CLEAR) parameter.
A value must be specified for this parameter if *SAVF is specified for the Device (DEV) parameter.
Qualifier 1: Save file
- name
- Specify the name of save file to be used.
Qualifier 2: Library
- *LIBL
- All libraries in the library list for the current thread are searched until the first match is found.
- *CURLIB
- The current library for the thread is used to locate the save file. If no current library entry exists in the library list, the QGPL library is used.
- name
- Specify the name of the library where the save file is located.
Top
Optical file (OPTFILE)
Specifies the path name of the optical file that is used for the save operation, beginning with the root directory of the volume.
For more information on specifying path names, refer to "Object naming rules" in the CL concepts and reference topic in the iSeries Information Center at http://www.ibm.com/eserver/iseries/infocenter.
- *
- The system generates an optical file name in the root directory of the optical volume.
- 'optical-directory-path-name/*'
- The system generates an optical file name in the specified directory of the optical volume.
Top
ASP device (ASPDEV)
Specifies the auxiliary storage pool (ASP) device from which private authorities are to be saved.
- *ALLAVL
- The private authorities from the system ASP (ASP number 1), all basic user ASPs (ASP numbers 2-32), and all available independent ASPs are saved.
- *
- The private authorities from the system ASP, all basic user ASPs, and, if the current thread has an ASP group, all independent ASPs in the ASP group are saved.
- *SYSBAS
- The private authorities from the system ASP and all basic user ASPs are saved.
- *CURASPGRP
- If the current thread has an ASP group, the private authorities from all independent ASPs in the ASP group are saved.
- name
- Specify the ASP device name from which private authorities are to be saved.
Top
Clear (CLEAR)
Specifies whether active data on the media is automatically cleared or replaced. Active data is any file on the media that has not expired. For saves to tape, clearing active data will make any files on the tape volume beyond the last file written by the save operation no longer accessible. For saves to optical, the files written by the save operation can be automatically replaced while other files on the volume remain active, or all active files can be automatically cleared. Clearing does not erase the data, it just makes the files no longer accessible.
Notes:
- Clearing a tape does not initialize it. You should initialize tapes to a standard label format before the save command is issued by using the Initialize Tape (INZTAP) command and specifying a value for the NEWVOL parameter.
- Clearing an optical volume does initialize it.
- If a volume that is not initialized is encountered during the save operation, an inquiry message is sent and an operator can initialize the volume.
- *NONE
- None of the media is automatically cleared. If the save operation encounters active data on a tape volume or in a save file, an inquiry message is sent, allowing the operator to either end the save operation or clear the media. If the save operation encounters the specified optical file, an inquiry message is sent, allowing the operator to either end the save operation or replace the file.
- *ALL
- All of the media is automatically cleared.
If tapes are used and a sequence number is specified for the SEQNBR parameter, the first tape is cleared beginning at that sequence number. All tapes following that first tape are completely cleared. To clear the entire first tape, SEQNBR(1) must be specified.
- *AFTER
- All media after the first volume is automatically cleared. If the save operation encounters active data on the first tape volume, an inquiry message is sent, allowing the operator to either end the save operation or clear the media. If the save operation encounters the specified optical file on the first volume, an inquiry message is sent, allowing the operator to either end the save operation or replace the file.
The *AFTER value is not valid for save files.
- *REPLACE
- Active data on the media is automatically replaced. Optical volumes are not initialized. Other media is automatically cleared in the same way as the *ALL value.
Top
Object pre-check (PRECHK)
Specifies whether the save operation should end if all objects specified by this command do not satisfy the following conditions of the save operation: (1) the objects exist, (2) they were not previously found to be damaged, (3) they are not locked by another job, and (4) the requester of the save operation has authority to save the objects.
- *NO
- The save operation continues, saving only those objects that can be saved.
- *YES
- If, after all specified objects are checked, one or more objects cannot be saved, the save operation ends before any data is written.
Top
Data compression (DTACPR)
Specifies whether data compression is used. If the save is running while other jobs on the system are active and software compression is used, the overall system performance may be affected.
If *DEV is specified for both this parameter and the Data compaction (COMPACT) parameter, only device data compaction is performed if device data compaction is supported on the device. Otherwise, data compression is performed.
If *YES is specified for this parameter and *DEV is specified for the COMPACT parameter, both device data compaction and device data compression are performed if supported on the device.
- *DEV
- If the save is to tape and the target device supports compression, hardware compression is performed. Otherwise, no data compression is performed.
- *NO
- No data compression is performed.
- *YES
- If the save is to tape and the target device supports compression, hardware compression is performed. If compression is not supported, or if the save data is written to optical media or to a save file, software compression is performed. Low software compression is used for all devices except optical DVD, which uses medium software compression.
- *LOW
- If the save operation is to a save file or optical, software data compression is performed with the SNA algorithm. Low compression is usually faster and the compressed data is usually larger than if medium or high compression is used.
This value is not valid for tape.
- *MEDIUM
- If the save operation is to a save file or optical, software data compression is performed with the TERSE algorithm. Medium compression is usually slower than low compression but faster than high compression. The compressed data is usually smaller than if low compression is used and larger than if high compression is used.
This value is not valid for tape.
- *HIGH
- If the save operation is to a save file or optical, software data compression is performed with the LZ1 algorithm. High compression is usually slower and the compressed data is usually smaller than if low or medium compression is used.
This value is not valid for tape.
Top
Data compaction (COMPACT)
Specifies whether device data compaction is performed.
- *DEV
- Device data compaction is performed if the data is saved to tape and all tape devices specified for the Device (DEV) parameter support the compaction feature.
If *DEV is specified for both the Data compression (DTACPR) parameter and this parameter, only device data compaction is performed if device data compaction is supported on the device. Otherwise, data compression is performed if supported on the device.
If *YES is specified for the DTACPR parameter and *DEV is specified for this parameter, both device data compaction and device data compression are performed if supported on the device.
- *NO
- Device data compaction is not performed.
Top
Output (OUTPUT)
Specifies whether a list with information about the saved objects is created. The information can be printed with the job's spooled output or directed to a database file.
- *NONE
- No output listing is created.
- The output is printed with the job's spooled output.
- *OUTFILE
- The output is directed to the database file specified for the File to receive output (OUTFILE) parameter.
You must specify a database file name for the File to receive output (OUTFILE) parameter when OUTPUT(*OUTFILE) is specified.
Top
File to receive output (OUTFILE)
Specifies the database file to which the information is directed when *OUTFILE is specified for the Output (OUTPUT) parameter. If the file does not exist, this command creates a database file in the specified library. If a new file is created, the system uses QASAVOBJ in QSYS with the format name QSRSAV as a model.
Qualifier 1: File to receive output
- name
- Specify the name of the database file to which output from the command is directed. If this file does not exist, it is created in the specified library.
Qualifier 2: Library
- *LIBL
- All libraries in the library list for the current thread are searched until the first match is found.
- *CURLIB
- The current library for the thread is used to locate the file. If no library is specified as the current library for the job, the QGPL library is used.
- name
- Specify the name of the library to be searched.
Top
Output member options (OUTMBR)
Specifies the name of the database file member to which the output is directed when *OUTFILE is specified for the Output (OUTPUT) parameter.
Element 1: Member to receive output
- *FIRST
- The first member in the file receives the output. If OUTMBR(*FIRST) is specified and the member does not exist, the system creates a member with the name of the file specified for the File to receive output (OUTFILE) parameter.
- name
- Specify the name of the file member that receives the output. If OUTMBR(member-name) is specified and the member does not exist, the system creates it.
If the member exists, you can add records to the end of the existing member or clear the existing member and add the records.
Element 2: Replace or add records
- *REPLACE
- The existing records in the specified database file member are replaced by the new records.
- *ADD
- The new records are added to the existing information in the specified database file member.
Top
Examples
Example 1: Automatically Clearing Uncleared Tapes
SAVSECDTA DEV(TAP01) CLEAR(*ALL)This command saves the security information, including user profiles, authorization lists, authority holders. They are saved on the TAP01 tape drive. CLEAR(*ALL) automatically clears all uncleared tapes when they are encountered.
Example 2: Sending Message When Storage Capacity Exceeded
SAVSECDTA DEV(TAP01) VOL(ABC)This command saves the security information on the TAP01 tape drive, starting on the tape volume labeled ABC. If the save operation exceeds the storage capacity of one tape, a message requesting that another volume be put on the TAP01 tape drive is shown to the operator.
Top
Error messages
*ESCAPE Messages
- CPF2206
- User needs authority to do requested function on object.
- CPF222E
- &1 special authority is required.
- CPF370A
- Not all security objects saved to save file &3.
- CPF3709
- Tape devices do not support same densities.
- CPF3727
- Duplicate device &1 specified on device name list.
- CPF3728
- Device &1 specified with other devices.
- CPF3731
- Cannot use &2 &1 in library &3.
- CPF3733
- &2 &1 in &3 previously damaged.
- CPF3735
- Storage limit exceeded for user profile &1.
- CPF3737
- Save and restore data area &1 not found.
- CPF3738
- Device &1 used for save or restore is damaged.
- CPF3767
- Device &1 not found.
- CPF3768
- Device &1 not valid for command.
- CPF3782
- File &1 in &2 not a save file.
- CPF3793
- Machine or ASP storage limit reached.
- CPF3794
- Save or restore operation ended unsuccessfully.
- CPF3812
- Save file &1 in &2 in use.
- CPF384E
- USEOPTBLK(*YES) not valid for CD-ROM premastering.
- CPF388B
- Optical file path name not valid.
- CPF3893
- Not all security objects saved.
- CPF3894
- Cancel reply received for message &1.
- CPF38A4
- ASP device &1 not correct.
- CPF5729
- Not able to allocate object &1.
- CPF9809
- Library &1 cannot be accessed.
- CPF9812
- File &1 in library &2 not found.
- CPF9814
- Device &1 not found.
- CPF9833
- *CURASPGRP or *ASPGRPPRI specified and thread has no ASP group.
- CPF9845
- Error occurred while opening file &1.
- CPF9846
- Error while processing file &1 in library &2.
- CPF9847
- Error occurred while closing file &1 in library &2.
- CPF9850
- Override of printer file &1 not allowed.
- CPF9851
- Overflow value for file &1 in &2 too small.
- CPF9860
- Error occurred during output file processing.
- CPFB8ED
- Device description &1 not correct for operation.
Top