In order to have another user have the same access capabilitites as the default (IBM deleivered with a new install of z/os) IBMUSER, you would have to join it to all of the same groups as IBMUSER. You also would have to give it access to many of the facility class options as well. On top of that, you would need to permit the user to various TSO based resources. The default IBMUSER also has been given access to a SH*Tload of dataset rules.
I don't think that (as a rule) that rules should be written to an individual, only to groups. It will make life much easier for everyone, especially at a site that has a lot of personnel movement. Is there something specific that you want this new user to do? There really isn't anything special about IBMUSER itself, it just is a default that IBM and a lot of site (which really should not, but do any way), have given a lot of default resource access to. It's much better to create a group, (say SYSTEMS) and then give all of the permissions and resource access to that group, so that if you add a new systems programmer loose the main systems programmer, you don't have to make a whole lot of individual changes. Personally I think that IBMUSER is one of the first ID's that should be removed after a new system installation, there are too many sites that keep that ID around, and it's a security problem waiting to happen. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
