Hello group,
I'd be much appreciate that someone can help this SDSF problem.
We recently migrated from z/OS 1.9 to 1.11 and some TSO users can't access
other people's spool output anymore.
We have RACF JESSPOOL class activated and some users had profiles defined to
protect JOB output in spool. In order to have SYSPROG and Production support
to be able to access individual's job, we use ISFUSER to fall back using
ISFPARMS.
There is USERID/GROUP filter("GOD" user) in PRESAF exit point to set RC to
04 and CMDAUTH(ALL) and DSPAUTH(ALL) are given in corresponding ISFGRP
statements.
It doesn't work anymore with z/OS 1.11.
If there is an profile defined in JESSPOOL to protect such userid output, I
see ICH408I message in SYSLOG, doesn't matter it's a "GOD" or regular user.
If there is no profile defined in JESSPOOL for such userid, "GOD" user has
no problem to browse those user's job output.
What changed in z/OS 1.11 SDSF?
Thanks for your time/help.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
