Hello
.
I am not a RACF Security Administrator by any means, after reading several
documents
I need some help setting up a RACF Facility Class and Permitting Access To a
Started Task Userid (STCUSRID) and My Userid (PAULD01).
Do the following RACF Commands Define a Facility Class BLUE_RIBBON.SYS1.MSTRUPDT
and Have I permitted the Started Task Userid (STCUSRID) Update access to the
Facility
and My Userid PAULD01 Read access ?
*
RDEFINE FACILITY BLUE_RIBBON.SYS1.MSTRUPDT UACC(NONE)
PERMIT BLUE_RIBBON.SYS1.MSTRUPDT CLASS(FACILITY) ID(STCUSRID) ACCESS(UPDATE)
PERMIT BLUE_RIBBON.SYS1.MSTRUPDT CLASS(FACILITY) ID(PAULD01) ACCESS(READ)
*
*
No for the code ...
*
*
FACILITY$ DC CL8'FACILITY'
STEM DC H'00',H'00'
DC CL13'BLUE_RIBBON.SYS1.MSTRUPDT'
STEM# EQU *-STEM
*
DS 0D
RACLAB RACROUTE REQUEST=AUTH,ATTR=READ,CLASS='FACILITY', XX
RELEASE=1.9,MF=L
DS XL8
RACLAB# EQU *-RACLAB
MVC SEC_ENTITY,STEM
RACROUTE REQUEST=AUTH, **
WORKA=(R10), **
ATTR=READ, **
ENTITYX=SEC_ENTITY, **
CLASS=FACILITY$, **
MSGSUPP=NO, **
LOG=ASIS, **
MF=(E,RACLAB)
*
*
Does the Above RACROUTE REQUEST=AUTH macro verify that the userid has
Read Authority to the Facility ?
Have I coded it properly ?
.
.
Without specifying a Userid, Is the ACEE used to verify the user ?
*
*
Should a Userid be explicitly specified on the command ?
*
*
Thank You
Paul D'Angelo
*
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
