Mark Pace wrote: >Thank you. I noted in a listing of STARTED tasks I had ** with a user of >IBMUSER. I updated it to be =MEMBER.
Both you and Alva Nims are of course correct. I do not see any problem with that. But I prefer to use an id, say STCUSR as user and its group, say STCGROUP. That id is RESTRICTED + PROTECTED + REVOKED and both id and group do not have any access to what ever profiles there are including no segments whatever. That is set up in both the member and STARTED class. This is simply to force my colleagues and clients to declare any new STCs to the RACF team, so their systems can be protected properly. So, no warning as per Alva's description, but outright failure. Groete / Greetings Elardus Engelbrecht ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
