"Vernooij, CP - SPLXM" <kees.verno...@klm.com> wrote in message news:<ce3ffbb7e42033469ef752a1d8a19ba1eef...@kl1221tc.cs.ad.klmcorp.net> ... > "Mary Anne Matyaz" <maryanne4...@gmail.com> wrote in message > news:<9689019850953527.wa.maryanne4psugmail....@bama.ua.edu>... > > TSS does not have a single attribute that equals the RACF TRUSTED=YES > > but there are bypass attributes like NODSNCHK, NOVOLCHK, NORESCHK, > NOSUBCHK, > > and NOLCFCHK, that can be given to an acid to bypass security checks. > > > > All of the Bypass attributes together pretty much equal TRUSTED but > > usually not all of the Bypass attributes are necessary, such as if the > > > acid is never going to be used in Batch then NOSUBCHK is not > necessary. > > > > IMHO, you'd be better off going after the saf requirements for BCPII > > > > Did you run a TSS trace to see what specific profile the violation is > on? > > > > Here's a good techdoc on the entire process. > > > http://www-03.ibm.com/support/techdocs/atsmastr.nsf/5cb5ed706d254a818625 > 6c71006d2e0a/2f3c49c0a320bdca862576f5005fb64d/$FILE/SFM%20with%20BCPii.p > df > > > > MA > > > > Mary Ann, > > Thanks for the techdoc, it enlightens a lot. Especially because we are > developping an HMC interface to automatically set and change LPAR > settings like Weights and Group Capacity limits for various situations. > > No, we cannot get any trace not audit output out of XCFAS, maybe because > it starts before TSS is started. > > Yes, I will ask IBM to specify the saf requirements clearly. > > Kees.
For the archives: I asked IBM for a solution and they came up with an other PMR, where a customer asked the same question. That user has also asked CA for a solution and CA answered then to "add "HWI.TARGET.netid.nau" permit with the APPLDATA(community-name) for the TSS ALL record" I tried this and it works, only after an IPL of all the LPARs to make XCFAS pick up the autorization. Kees. ******************************************************** For information, services and offers, please visit our web site: http://www.klm.com. This e-mail and any attachment may contain confidential and privileged material intended for the addressee only. If you are not the addressee, you are notified that no part of the e-mail or any attachment may be disclosed, copied or distributed, and that any other action related to this e-mail or attachment is strictly prohibited, and may be unlawful. If you have received this e-mail by error, please notify the sender immediately by return e-mail, and delete this message. Koninklijke Luchtvaart Maatschappij NV (KLM), its subsidiaries and/or its employees shall not be liable for the incorrect or incomplete transmission of this e-mail or any attachments, nor responsible for any delay in receipt. Koninklijke Luchtvaart Maatschappij N.V. (also known as KLM Royal Dutch Airlines) is registered in Amstelveen, The Netherlands, with registered number 33014286 ******************************************************** ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
