I had a couple of thoughts. 1) let them fail. Fix security rules as needed or plan it a bit better. I think the STIGs are more in line with this thinking. 2) TSSINSTX may be used to alter the behavior you are talking about. But I still think that #1 is the way to go.
Rob On Tue, May 24, 2022 at 1:04 PM Larre Shiller < [email protected]> wrote: > Mark - > > We use Top Secret as well and had the same issue that you are describing > when we initially activated JESSPOOL control. We happen to be using (E)JES > instead of SDSF, but essentially we did the same thing that Robert > described here--we use an (E)JES exit to alter the RACF call for JESSPOOL > and set LOG=NOFAIL (as well as MSGSUPP=YES). It does exactly what is > necessary to make this function as you wish. Obviously, I cannot comment > on why the change that you made to SDSF did not appear to work, but if you > can get SDSF to set LOG=NOFAIL for the security calls, Top Secret should > "honor" that. If you can't get it to work, perhaps you could open a Case > with Broadcom and trace the security call to figure out what's going on. > > Larre Shiller > US Social Security Administration > "The opinions expressed in this e-mail are mine personally and do not > necessarily reflect the opinion of the US Social Security Administration or > the US Government.” > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
