On Mon, 21 Jul 2014 13:58:57 -0400, Ken Smith <[email protected]> wrote:
>ISKLM = IBM Security Key Life Cycle Manager - used for Tape (and DASD >subsystem) encryption. > >Working fine except the piece that can create SMF audit records type 83/6 - >security events isn't working. IBM Level 2 stumped. Works for them under >RACF they say. CA says sectrace indicates ACF2 isn't getting called for >permission to Facility Class RAUDITX. Just wondering if anyone else is >running it. As I recall, R_auditx is a callable service. There may be FACILITY resource to control its use, but it would be the security product making that check as part of its callable service processing. There would be no check by the application against any FACILITY resources. The application would simply issue the SAF call to the R_auditx service, and the security product would take it from there, including any authorization checking to determine whether the application is allowed to use the service. Make sure their sectrace covers the non-RACROUTE callable services. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
