Are you saying that you are using the DIRMAINT/RACF interface and it's not
generating VMBATCH right?   If so, I'm not sure how much you can alter
this..   I'd have to read up on these options in CONFIGRC DATADVH where the
following line is from:

RACF_RDEFINE_VMBATCH_DEFAULTS=          UACC(NONE) AUDIT(FAILURES(READ))

I don't think that allows you to specify the generic profile though..

I have found that you're fairly limited in what you can do with the
DIRMAINT/RACF 'interface' ..  you would likely have to use a DIRMAINT exit
- or simpler - an EXEC you run after adding a new user via DIRMAINT to
tweak RACF the way you really want it.   Either that or I just don't know
all the right RACFxxxxx = values in CONFIGRC DATADVH.....

Scott Rohling


On Wed, Jun 12, 2013 at 10:31 AM, Will, Chris <[email protected]> wrote:

> Here is a display of a new userid I set up with dirmaint.  It looks like
> the vmbatch resource is not generic which I want
>
> rac rlist vmbatch linmon
> CLASS      NAME
> -----      ----
> VMBATCH    LINMON
>
> LEVEL  OWNER      UNIVERSAL ACCESS  YOUR ACCESS  WARNING
> -----  --------   ----------------  -----------  -------
>  00    DIRMAINT        NONE              ALTER    NO
>
> When I initial set up racf using the procedures in the the Virtualization
> Cookbook for z/VM 6.2 all ids used a generic vmbatch.  Here is an example
> from another lpar.
> rac rlist vmbatch linmon
> CLASS      NAME
> -----      ----
> VMBATCH    ** (G)
>
> LEVEL  OWNER      UNIVERSAL ACCESS  YOUR ACCESS  WARNING
> -----  --------   ----------------  -----------  -------
> 00    IBMUSER         NONE              ALTER    NO
>
> How do I change these ids to use the generic vmbatch?
>
> Chris Will
>
>
>
>
>
>
>
> The information contained in this communication is highly confidential and
> is intended solely for the use of the individual(s) to whom this
> communication is directed. If you are not the intended recipient, you are
> hereby notified that any viewing, copying, disclosure or distribution of
> this information is prohibited. Please notify the sender, by electronic
> mail or telephone, of any unintended receipt and delete the original
> message without making any copies.
>
>  Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are
> nonprofit corporations and independent licensees of the Blue Cross and Blue
> Shield Association.
>
> ----------------------------------------------------------------------
> For LINUX-390 subscribe / signoff / archive access instructions,
> send email to [email protected] with the message: INFO LINUX-390 or
> visit
> http://www.marist.edu/htbin/wlvindex?LINUX-390
> ----------------------------------------------------------------------
> For more information on Linux on System z, visit
> http://wiki.linuxvm.org/
>

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/

Reply via email to