In my opinion, a properly impelemented security structure would have no user-id's named in security rules, instead all rules would have group (or role) names in them, so a connect/disconnect of a user to a group is all that is needed to grant access. If done that way, the only time the ID is referenced is in the connect command. I do agree that from the standpoint of management, allowing users to select ID's is problematic, and could cause collision issues. However, I also feel that embedding the departmental function in a userid is a bad idea, because then the ID has to change if the user gets transferred from one department to another. Just my $.02 Wayne Driscoll Product Developer JME Software LLC NOTE: All opinions are strictly my own.
-----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Ed Gould Sent: Thursday, May 31, 2007 8:08 AM To: [email protected] Subject: Re: SPAM-LOW: Re: Limit to the number of Aliases in a User Catalog On May 31, 2007, at 7:43 AM, Rick Fochtman wrote: > -------------SNIP------------------------- > At my last place, we had about 4400 users and we split them by > departmental function. OPS got "COPY###", etc., using employee numbers > in the ### field. > > The vast majority of our users were customers who selected their own > ID's and we split them alphabetically across several other small > catalogs. > > (Most of their usage was CICS.) > Rick, Just out of curiosity, by doing that wasn't it difficult to write security rules? Ed ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
