On Wed, 6 Mar 2013 21:14:13 +0800, Robin Atwod <[email protected]> wrote:
>This is a rather arcane topic but hopefully one of you out there might have >some insight. I am working on a problem where a customer uses our >application to submit jobs to JES2, and then, when the output is available, >the application reads it from the spool and sends it back to the customer. >This uses the SAPI (function 79) JES2 call and has worked well for years. >Now a customer wants to use a surrogate userid to submit the jobs which run >under various different userids. Submission works fine, as long as the RACF >rules are defined, but when I try to pick up the output, I get RC=4, nothing >found. First, just to make sure we're using the same terminology, there are two important user IDs to consider here: (a) the execution user, specified in your case via USER= on the JOB statement, and (b) the user who submits the job (which is the surrogate user). JESSPOOL security processing will allow the execution user to view/retrieve output without any profiles defined. However, the submitter (surrogate user) does not have authority to the job output unless a JESSPOOL profile allows it. That will also affect the SAPI processing, but I really don't know what kind of return codes you'd get. You might be able to see some JES2 error messages if you first issue "$T DEBUG,SECURITY=YES" if the SAPI function works like normal spool access/selection does, but I"m not sure. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
