All MYWINDOM windows users logged in on any workstation

user default cpu=@ + logon=MYWINDOM\\@

###########################################################
# APPLIES TO ALL "MYWINDOM" WINDOWS USERS LOGGED IN ON ANY 
# WORKSTATION.
user default  cpu=@ +  logon=MYWINDOM\\@ 
begin
#  OBJECT     ATTRIBUTES       ACCESS CAPABILITIES
# ----------  ------------     ----------------------
job           cpu=@    + folder = /  
                       + cpufolder = /   access=@
schedule      cpu=@    + folder = /  
                       + cpufolder = /   access=@
resource       + folder = /  + cpufolder = /   access=@
prompt         + folder = /                    access=@
file                                     access=@
calendar       + folder = /              access=@
cpu           cpu=@     + folder = /     access=@
parameter     name=@    + folder = /  + cpufolder = / access=@
userobj       cpu=@ + logon =MYWINDOM\\r@  + cpufolder = / access=display
userobj       cpu=@ + logon=@   + cpufolder = / access=@
eventrule     name=@     + folder = /    access=add,delete,display,modify,list,unlock
action        provider=@        access=display,submit,use,list
event         provider=@        access=use
report        name=@            access=display  
runcygrp      name=@   + folder = /      access=add,delete,display,modify,use,list,unlock
vartable      name=g@,$default  + folder = /  access=add,delete,display,modify,use,list,unlock
wkldappl      name=@     + folder = /     access=add,delete,display,modify,list,unlock
lob           name=@            access=use
folder         name=/           access=@
end
############################################################

Windows Users in MYWINDOM whose name begins with 'r' can display only userjobs. All others MYWINDOM Windows user that are logged in on any workstation are given unrestricted access to all objects. Access to workstations is limited to workstations defined in the root (/) folder. Access to scheduling objects that can be defined in folders is limited to the root (/) folder, as specified. For example, access to prompts is limited to prompts defined in the root folder prompt + folder = / access=@. They are the only ones who can generate all kinds of plans and who can create, update, and delete event rule definitions. All users have access to all variable tables beginning with "g" and to the default table, irrespective of the default variable table name.

user default  cpu=@ +  logon=MYWINDOM\@
..........................................
userjob       cpu=@ + logon =MYWINDOM\r@  access=display