That's assuming the OEM product issues the RACROUTE call to verify the user has access to the command.
-----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Edward Jaffe Sent: Sunday, December 09, 2007 9:12 PM To: [email protected] Subject: Re: MVS Command Authorization Phillips, Peter wrote: > We are looking at tightening control over MVS command authorization. We > are a JES3 shop running Flasher, Omegamon, Solve etc. with ACF2. Of > course we have batch production jobs streams, operators, MVS sysprogs > all issuing MVS commands at different times and in different situations. > > Our management would like two keys areas addressed, firstly how to best > control who can issue commands MVS commands and secondly once the > command is issued how to best track and note that the command has been > issued. > > I assume control of MVS command issuing is a fairly common requirement > so I was hoping people could pass on the benefit their wisdom and > knowledge and how they have seen this done. > Take a look at activating the OPERCMDS class in your security product. -- Edward E Jaffe Phoenix Software International, Inc 5200 W Century Blvd, Suite 800 Los Angeles, CA 90045 310-338-0400 x318 [EMAIL PROTECTED] http://www.phoenixsoftware.com/ ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
