On Jun 20, 2007, at 8:24 PM, Phil Knight wrote:
Ditto....ever have "users" cruise your parmlib and then tell you
how to tune the system? Solution: UACC(NONE).
Phil,
Exactly. One place where I worked there were quite a few
"consultants" They were always complaining about X (take you pick
what X was) It took time to research each complaint. So what we did
was to keep a running total of hours spent in researching each call.
At the end of the month We would summarize it by sysprog. I seemed to
be the leading number as I was usually quite nice to the complainer
(there were exceptions). The number of hours came out to be about a
man week per month. When I showed the numbers to upper management
they immediately threw out access to PARMLIB. I also convinced them
(because it was in the standards manual that I had helped write) that
access all but a few SYS1 datasets should be denied. In a day I had
produced a list and gave it to the auditors. I had to explain what
each data set was and why they should not have access to it. The
auditors "suggested" the adoption to IT management and got the OK.
The security people did their thing and turned on logging. After a
month of monitoring they turned off access. The consultants howled as
they could no longer assemble programs (no access to sys1.maclib)
they also croaked a lot about parmlib. The auditors stood their
ground as well as we did as well.
The regular staff people mostly did not care 1 iota they were not
conversant in BAL and that gave them an edge to say NO to the
consultants which were running rough shod over the staff.
The SDSF issue was really never an issue per se. From Day one they
access only to their USERID type jobs. That settled quite a few
arguments because we indicated that syslog had security related
information that was not their concern. Looking into jobq's was not
an issue because we had service level agreements and we met them so
there was no need for anyone to monitor them. I regularly produced
reports of violators and management did back them up with a pointed
question as to why the violated them.
I was also in weekly contact with several VP's in the applications
group and I listened to complaints before they got to the DC. I was
either able to address the complaints with a personal phone call or a
conference with the people involved (most of the time). We tried to
stay on friendly terms and that meant going out to lunch or out
drinking with them. We also listened. They also knew that we would
attempt to address the issue before it became a political hotdog.
One area where I felt I fell down was performance capacity planning.
Our VP would only order more capacity if the CEO OK'd it. He would
never go and ask. It was a real pain as I explained to the people its
out of my control. Start working on the CEO to convince him we need
more power. I think the VP was a little miffed at me but I got tired
of begging. We were growing at about 20 percent a year. The people
would show him the charts and he would just say so? The guy was so
tight with the money he was practically a thief when it came to
paying for licensing for the other site we had. I didn't know what
was going on till we had a audit and I spotted the issue. I was told
to shut up it was a management issue. I had a difficult time keeping
the "secret". I finally told IBM about it and they said well they
knew about the issue but wanted to keep our business so they kept quiet.
Ed
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
