--------------------------<snip>------------------------------
But you still need to prevent testers from submitting jobs with a
production USERID. We used a TSO exit to remove USER/PASSWORD parms from
the JOB statement. Got a better idea?
Sure; don't have passwords for production jobs. Only allow them to be
submitted by a user with surrogate access to the production user id. Only
give that surrogate access to user ids that need it, e.g., scheduler.
----------------------------<unsnip>-------------------------------
We eventually did just that. I set the password to a "private" value and
never told anyone what it was. Surrogate access was the ONLY way to
submit a production job, either by the automation or the production
support staff.
Rick
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
