Luo Johnny wrote:
Yes.At this time I use 'setr protectall(warning)' to let system notify
me when a data set is not-racf-protected.
Perhaps another question which puzzles me for long is how to
make an ordinary user can only create data sets which HLQ is
his user-id?
Say,on my system ,now user 'md0006' can create data sets with
HLQ=MD0007 while 'md0007' is another user-id.I want to forbid
this ,but don't know how to do.
It is quite simple.
Just create dataset profiles. You should create profiles for all
datasets you have and switch to PROTECTALL(FAILURE).
Now start with the following:
(I assume, that MD0007 is existing user)
AD 'MD0007.**' UACC(N) OW(MD0007)
Now (after refresh) only (*) user MD0007 can create MD0007.some.thing
datasets.
In general, you should create at least HLQ.** for every HLQ in your system.
(*) There are some exceptions, like OPERATIONS users or
PRIVILEGED/TRUSTED started tasks.
HTH
--
Radoslaw Skorupka
Lodz, Poland
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
