On Tue, 7 Aug 2012 06:57:27 -0400, Mark Jacobs <[email protected]> wrote:
>I was given bad information prior to my initial posting. The root cause >of the problem wasn't RACF audit being turned on, but cleanup of the >access list of several CSFKEYS profiles. We're getting tons of racf >violation messages in syslog/operlog. MPF can't process them fast >enough, which in turn doesn't allow Netview/SA to have timely access to >the messages it cares about. > >It's an application design problem that eventually has to be fixed by >them, but in the short term we need a solution to this problem. In the short term your best solution may be to recognize that you can not clean up the access lists, and to undo those changes. Unless the "application" is a server using SSL that already supports delegated ACEEs, in which case your solution would be to add "RACF-DELEGATED" to the APPLDATA for the profiles. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
