Excellent idea, we use the JCL include to set up the joblibs and job variables that are global to every job of our applications.
Sounds like just a different application of the same principle. Darren -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of McKown, John Sent: Wednesday, October 24, 2007 9:55 AM To: [email protected] Subject: "different" TSO logon proc, depending on system. Restricting who can logon to a specific system I just had a minor flash of insight which I thought might be of interest to people. Suppose you have multiple z/OS systems. Also suppose that you share the RACF database. And suppose you want to have a __different__ logon proc for people, depending on which system they log on to. Now, RACF only supports remembering a single logon proc name in the database. So either the user has to change the logon proc in the logon screen, depending on the system [s]he was logging on to, or you had to have a different TSO proclib, with the same proc names, for each system. I just had an epiphany on this. Instead, use the // INCLUDE MEMBER= to dynamically create the name of the JCL library member to be included, based on the &SYSNAME. For an example, suppose your standard TSO proc name was STDTSO. You would have a proc with that name in the shared TSO proclib. It would look something like: //STDTSO PROC // INCLUDE MEMBER=TSOP&SYSNAME Then, in the same proclib, you'd have a number of TSOPnnnn members, one for each system. If there are a number of shared statements for all procs, then include those statements in the STDTSO proc and only include the system unique statements in the TSOPnnnn member. Extending this slightly, suppose that you have a restricted system that you only want certain users to log on to. In the TSOP&SYSNAME for that system, simply have a DD statement similar to: //RESTRICT DD DISP=SHR,DSN=HLQ.SYS&SYSNAME.&SYSUID Replace HLQ is some reasonable high level qualifier. Now, on that system, for each valid user, create the appropriate dataset. If the dataset does not exist, then when the user attempts to log on, they get a JCL error and the LOGON fails. Or am I just insane? -- John McKown Senior Systems Programmer HealthMarkets Keeping the Promise of Affordable Coverage Administrative Services Group Information Technology The information contained in this e-mail message may be privileged and/or confidential. It is for intended addressee(s) only. If you are not the intended recipient, you are hereby notified that any disclosure, reproduction, distribution or other use of this communication is strictly prohibited and could, in certain circumstances, be a criminal offense. If you have received this e-mail in error, please notify the sender by reply and delete this message without copying or disclosing it. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
