subject:"Re\: RMDS"

Re: RMDS for reporting on Mainframe

2017-04-10 Thread Lucas Rosalen

Just for correctness, if I recall correctly CA-View is the old SAR and just
do syslog/joblog archival/retrieval.
I'm quite sure my former customer used CA-Dispatch for report distribution.

Lucas

On Apr 10, 2017 16:37, "Lizette Koehler"  wrote:

There are products out there

Systemware XPTR (not sure of today's name)

CA View (Old Mobius product I think)

$AVERS

And more

It will depend on $$ to spend and what features you need.

Searching the internet should be able to start your review process.

Not only look at the features, but how the conversion from RMDS to new
product will be handled.

Lizette


> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> Behalf Of SrinivasG
> Sent: Monday, April 10, 2017 2:28 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: RMDS for reporting on Mainframe
>
> Hi,
>
> Is anyone using RMDS on Mainframe?
> Since its being discontinued , I am interested in knowing what other
shops are
> doing.
> Please share your solutions as far as RMDS is concerned.
>
> Thanks in advance.
>
> Regards,
> Srinivas G
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS for reporting on Mainframe

2017-04-10 Thread John McKown

On Mon, Apr 10, 2017 at 9:37 AM, Lizette Koehler 
wrote:

> There are products out there
>
> Systemware XPTR (not sure of today's name)
>
> CA View (Old Mobius product I think)
>
> $AVERS
>
> And more
>
> It will depend on $$ to spend and what features you need.
>

One thing that is (now) of greater importance to me is "Where is the data
stored?". There there seems to be two choices in today's world: individual
sequential(?) data sets for each job or in a single "data store" data set
which contains a "directory" and comes with "management software" to do
things such as request a reprint or archive old output. I rather liked the
"one PS data set per job/report" philosophy because it was easy to read
reports via ISPF 3.4. Even better, IMO, would be "one UNIX file per
report". Why UNIX you ask? Because it is _easy_ to use something like
"grep" to find complicated search strings. Well, it is easy so long as you
know regular expressions; which I do. Also, depending on your company's
technical expertise, it would be "easy" to transfer the reports to a
distributed system and index it similar to a "web search" engine so that
your user could do a Google (or Bing) like search.

We actually use a product which is PC resident (Report 2 Web). The z/OS
system uses JQP from MacKinney Software to send reports to a "LAN printer",
which is actually a "service" on a Windows machine. This service looks at
the data in the report (which includes a job separator which we use to
communicate with the service) to classify it. It can then do a number of
things with the data (including creating a subset from an embedded "table"
which is stored in an Excel spreadsheet), but we manly just store it in a
reformatted file on a LAN disk. The "index" to this is kept in an Oracle
data base (but, IIRC, it could use any ODBC compliant data base). Users are
defined to the software for access to specific reports. The users access
the reports to which they are authorized via their browser (thus to "2 Web"
part of the name). The file format on disk is undocumented, but fairly
simple to figure out.

>
> Searching the internet should be able to start your review process.
>
> Not only look at the features, but how the conversion from RMDS to new
> product will be handled.
>

We converted from Mobius Infopack. We had help from a consulting firm
which basically wrote some programs to parse the output from an Infopack
report on available reports, and create "print" jobs which sent the "print"
out to the "LAN printer". Basically, it was a programmed operator to
request a reprint of every report in Infopack. Mobius was not well pleased
about the "automation", as I recall.

>
> Lizette
>

-- 
"Irrigation of the land with seawater desalinated by fusion power is
ancient. It's called 'rain'." -- Michael McClary, in alt.fusion

Maranatha! <><
John McKown

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS for reporting on Mainframe

2017-04-10 Thread Lizette Koehler

There are products out there

Systemware XPTR (not sure of today's name)

CA View (Old Mobius product I think)

$AVERS

And more

It will depend on $$ to spend and what features you need.

Searching the internet should be able to start your review process.

Not only look at the features, but how the conversion from RMDS to new product 
will be handled.

Lizette


> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> Behalf Of SrinivasG
> Sent: Monday, April 10, 2017 2:28 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: RMDS for reporting on Mainframe
> 
> Hi,
> 
> Is anyone using RMDS on Mainframe?
> Since its being discontinued , I am interested in knowing what other shops are
> doing.
> Please share your solutions as far as RMDS is concerned.
> 
> Thanks in advance.
> 
> Regards,
> Srinivas G
> 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS for reporting on Mainframe

2017-04-10 Thread Brian France

We moved from RMDS more years ago than I can remember. We use JSF from 
Mackinney.



On 4/10/2017 5:27 AM, SrinivasG wrote:

Hi,

Is anyone using RMDS on Mainframe?
Since its being discontinued , I am interested in knowing what other shops are 
doing.
Please share your solutions as far as RMDS is concerned.

Thanks in advance.

Regards,
Srinivas G

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


--
Brian W. France
Systems Administrator (Mainframe)
Pennsylvania State University
Administrative Information Services - Infrastructure/SYSARC
Rm 25 Shields Bldg., University Park, Pa. 16802
814-863-4739
b...@psu.edu

"To make an apple pie from scratch, you must first invent the universe."

Carl Sagan

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Roff, Donna

Thanks Koluso and Lizette

Ive gone through the manuals already and cant seem to find what I need.

We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and ACF2 is V15.

This is the problem which we just recently discovered after decades: 

The RMDS administrator does set up something to determine who can browse which 
reports.  However, once you get into DISPLAY mode on a report, theres a whole 
series of commands available - CAP, COLS, F(IND) etc.  Fairly inoculous.  
However, there is also an ERASE command, which does not seem to have any 
restriction on it.  

This is on the report level, not the dsname level.  A user that does not have 
ACF2 authority to delete the vsam cluster corresponding to the report can still 
delete the report by issuing ERASE. The report is no longer viewable and  When 
the PURGE jobs runs, PURGE deletes the cluster.

Ive been working with both IBM and CA on this but to no avail.  It seems that 
once in RMDS, ACF2 is out of the picture.  So I think this has to be controlled 
within RMDS.  But we cant figure out how.

Thanks,
Donna

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Sri h Kolusu
Sent: Monday, July 28, 2014 3:31 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

May be this will help

Chapter 16 in Administration Guide

http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNA3000

or this one

http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNC3000


Kolusu

IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu wrote on
07/28/2014 12:08:10 PM:

 From: Roff, Donna dr...@fisa.nyc.gov
 To: IBM-MAIN@listserv.ua.edu
 Date: 07/28/2014 12:19 PM
 Subject: RMDS
 Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu
 
 Hi,
 
 Is anyone here familiar with RMDS (Report Management Distribution
System) ?
 We have a question about security on one of the RMDS commands 
 available against a report.  ACF2 protects the MVS datasets but this 
 is for the actual report.
 
 (This is my first post.  I don't know if I need to put any
introduction.)
 
 Thanks,
 Donna
 
 --
 For IBM-MAIN subscribe / signoff / archive access instructions, send 
 email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
 

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Brian France


Way back machine started.

Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been like 6 
and 8. I have no idea anymore what RMDS version we had.


There were exits in RMDS that we utilized with ACF2. They would take the 
report name ( the one you see when you're in RMDS, not the data set name 
) and pass it to the exit were we would make a data set like call to 
grant access. We had to write code utilizing the sample exit to do this. 
Think we placed standard HLQ  on the report name when we built the data 
set like call to write rules against.


There was a sign on exit as well.

I looked for my exits but alas I musta cleaned house when RMDS went the 
way of the dino here...



On 7/29/2014 8:27 AM, Roff, Donna wrote:

Thanks Koluso and Lizette

Ive gone through the manuals already and cant seem to find what I need.

We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and ACF2 is V15.

This is the problem which we just recently discovered after decades:

The RMDS administrator does set up something to determine who can browse which 
reports.  However, once you get into DISPLAY mode on a report, theres a whole 
series of commands available - CAP, COLS, F(IND) etc.  Fairly inoculous.  
However, there is also an ERASE command, which does not seem to have any 
restriction on it.

This is on the report level, not the dsname level.  A user that does not have 
ACF2 authority to delete the vsam cluster corresponding to the report can still 
delete the report by issuing ERASE. The report is no longer viewable and  When 
the PURGE jobs runs, PURGE deletes the cluster.

Ive been working with both IBM and CA on this but to no avail.  It seems that 
once in RMDS, ACF2 is out of the picture.  So I think this has to be controlled 
within RMDS.  But we cant figure out how.

Thanks,
Donna

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Sri h Kolusu
Sent: Monday, July 28, 2014 3:31 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

May be this will help

Chapter 16 in Administration Guide

http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNA3000

or this one

http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNC3000


Kolusu

IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu wrote on
07/28/2014 12:08:10 PM:


From: Roff, Donna dr...@fisa.nyc.gov
To: IBM-MAIN@listserv.ua.edu
Date: 07/28/2014 12:19 PM
Subject: RMDS
Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu

Hi,

Is anyone here familiar with RMDS (Report Management Distribution

System) ?

We have a question about security on one of the RMDS commands
available against a report.  ACF2 protects the MVS datasets but this
is for the actual report.

(This is my first post.  I don't know if I need to put any

introduction.)

Thanks,
Donna

--
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


--
Brian W. France
Systems Administrator (Mainframe)
Pennsylvania State University
Administrative Information Services - Infrastructure/SYSARC
Rm 25 Shields Bldg., University Park, Pa. 16802
814-863-4739
b...@psu.edu

To make an apple pie from scratch, you must first invent the universe.

Carl Sagan

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Roff, Donna

HI Brian
Thanks.

This , this is a very old product.  Even IBM is not able to offer much advice.

We have an exit that just covers sign on.

I would like to perhaps just disable that RMDS command  - ERASE - completely 
for either all or most users.  Within RMDS even, not ACF2.  The RMDS 
administrator controls access through RMDS.  But access seems to be all or 
nothing, if you can view it, you can erase it.

Tx for looking for your exits.

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Brian France
Sent: Tuesday, July 29, 2014 8:57 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

Way back machine started.

Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been like 6 and 8. 
I have no idea anymore what RMDS version we had.

There were exits in RMDS that we utilized with ACF2. They would take the report 
name ( the one you see when you're in RMDS, not the data set name
) and pass it to the exit were we would make a data set like call to grant 
access. We had to write code utilizing the sample exit to do this. 
Think we placed standard HLQ  on the report name when we built the data set 
like call to write rules against.

There was a sign on exit as well.

I looked for my exits but alas I musta cleaned house when RMDS went the way of 
the dino here...


On 7/29/2014 8:27 AM, Roff, Donna wrote:
 Thanks Koluso and Lizette

 Ive gone through the manuals already and cant seem to find what I need.

 We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and ACF2 is V15.

 This is the problem which we just recently discovered after decades:

 The RMDS administrator does set up something to determine who can browse 
 which reports.  However, once you get into DISPLAY mode on a report, theres a 
 whole series of commands available - CAP, COLS, F(IND) etc.  Fairly 
 inoculous.  However, there is also an ERASE command, which does not seem to 
 have any restriction on it.

 This is on the report level, not the dsname level.  A user that does not have 
 ACF2 authority to delete the vsam cluster corresponding to the report can 
 still delete the report by issuing ERASE. The report is no longer viewable 
 and  When the PURGE jobs runs, PURGE deletes the cluster.

 Ive been working with both IBM and CA on this but to no avail.  It seems that 
 once in RMDS, ACF2 is out of the picture.  So I think this has to be 
 controlled within RMDS.  But we cant figure out how.

 Thanks,
 Donna

 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On 
 Behalf Of Sri h Kolusu
 Sent: Monday, July 28, 2014 3:31 PM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS

 May be this will help

 Chapter 16 in Administration Guide

 http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNA3000

 or this one

 http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNC3000


 Kolusu

 IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu wrote on
 07/28/2014 12:08:10 PM:

 From: Roff, Donna dr...@fisa.nyc.gov
 To: IBM-MAIN@listserv.ua.edu
 Date: 07/28/2014 12:19 PM
 Subject: RMDS
 Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu

 Hi,

 Is anyone here familiar with RMDS (Report Management Distribution
 System) ?
 We have a question about security on one of the RMDS commands
 available against a report.  ACF2 protects the MVS datasets but this
 is for the actual report.

 (This is my first post.  I don't know if I need to put any
 introduction.)
 Thanks,
 Donna

 --
 For IBM-MAIN subscribe / signoff / archive access instructions, send
 email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

 --
 For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
 lists...@listserv.ua.edu with the message: INFO IBM-MAIN

 --
 For IBM-MAIN subscribe / signoff / archive access instructions,
 send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

-- 
Brian W. France
Systems Administrator (Mainframe)
Pennsylvania State University
Administrative Information Services - Infrastructure/SYSARC
Rm 25 Shields Bldg., University Park, Pa. 16802
814-863-4739
b...@psu.edu

To make an apple pie from scratch, you must first invent the universe.

Carl Sagan

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Lizette Koehler

You may need to contract an assembler programmer if you are not comfortable
with Assembler and system exits.

What you would want is if the ERASE command is entered, to trap it, probably
validate to see if that person is authorized and if they are not authorized,
send back a message along those lines.  Otherwise allow the command.

I am surprised IBM does not have sample exits that you could work with.

I do not remember if the panels were part of RMDS or if they were ISPF
Panels invoked by RMDS.  If they are ISPF Panels you might be able to put
something in the panel process to trap ERASE and action accordingly.

Lizette


 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 6:30 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 HI Brian
 Thanks.
 
 This , this is a very old product.  Even IBM is not able to offer much
advice.
 
 We have an exit that just covers sign on.
 
 I would like to perhaps just disable that RMDS command  - ERASE -
completely for
 either all or most users.  Within RMDS even, not ACF2.  The RMDS
administrator
 controls access through RMDS.  But access seems to be all or nothing, if
you can
 view it, you can erase it.
 
 Tx for looking for your exits.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Brian France
 Sent: Tuesday, July 29, 2014 8:57 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Way back machine started.
 
 Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been like 6
and
 8. I have no idea anymore what RMDS version we had.
 
 There were exits in RMDS that we utilized with ACF2. They would take the
report
 name ( the one you see when you're in RMDS, not the data set name
 ) and pass it to the exit were we would make a data set like call to grant
access. We
 had to write code utilizing the sample exit to do this.
 Think we placed standard HLQ  on the report name when we built the data
set like
 call to write rules against.
 
 There was a sign on exit as well.
 
 I looked for my exits but alas I musta cleaned house when RMDS went the
way of
 the dino here...
 
 
 On 7/29/2014 8:27 AM, Roff, Donna wrote:
  Thanks Koluso and Lizette
 
  Ive gone through the manuals already and cant seem to find what I need.
 
  We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and ACF2 is
V15.
 
  This is the problem which we just recently discovered after decades:
 
  The RMDS administrator does set up something to determine who can browse
 which reports.  However, once you get into DISPLAY mode on a report,
theres a
 whole series of commands available - CAP, COLS, F(IND) etc.  Fairly
inoculous.
 However, there is also an ERASE command, which does not seem to have any
 restriction on it.
 
  This is on the report level, not the dsname level.  A user that does not
have ACF2
 authority to delete the vsam cluster corresponding to the report can still
delete the
 report by issuing ERASE. The report is no longer viewable and  When the
PURGE
 jobs runs, PURGE deletes the cluster.
 
  Ive been working with both IBM and CA on this but to no avail.  It seems
that once
 in RMDS, ACF2 is out of the picture.  So I think this has to be controlled
within
 RMDS.  But we cant figure out how.
 
  Thanks,
  Donna
 
  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Sri h Kolusu
  Sent: Monday, July 28, 2014 3:31 PM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  May be this will help
 
  Chapter 16 in Administration Guide
 
  http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNA3000
 
  or this one
 
  http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNC3000
 
 
  Kolusu
 
  IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu wrote on
  07/28/2014 12:08:10 PM:
 
  From: Roff, Donna dr...@fisa.nyc.gov
  To: IBM-MAIN@listserv.ua.edu
  Date: 07/28/2014 12:19 PM
  Subject: RMDS
  Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu
 
  Hi,
 
  Is anyone here familiar with RMDS (Report Management Distribution
  System) ?
  We have a question about security on one of the RMDS commands
  available against a report.  ACF2 protects the MVS datasets but this
  is for the actual report.
 
  (This is my first post.  I don't know if I need to put any
  introduction.)
  Thanks,
  Donna
 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Lizette Koehler

I forgot to ask how you access RMDS.

Is it through
CICS
ISPF
VTAM
OTHER???

Lizette


 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 6:48 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 You may need to contract an assembler programmer if you are not
comfortable
 with Assembler and system exits.
 
 What you would want is if the ERASE command is entered, to trap it,
probably
 validate to see if that person is authorized and if they are not
authorized, send back
 a message along those lines.  Otherwise allow the command.
 
 I am surprised IBM does not have sample exits that you could work with.
 
 I do not remember if the panels were part of RMDS or if they were ISPF
Panels
 invoked by RMDS.  If they are ISPF Panels you might be able to put
something in
 the panel process to trap ERASE and action accordingly.
 
 Lizette
 
 
  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 6:30 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  HI Brian
  Thanks.
 
  This , this is a very old product.  Even IBM is not able to offer much
 advice.
 
  We have an exit that just covers sign on.
 
  I would like to perhaps just disable that RMDS command  - ERASE -
 completely for
  either all or most users.  Within RMDS even, not ACF2.  The RMDS
 administrator
  controls access through RMDS.  But access seems to be all or nothing,
  if
 you can
  view it, you can erase it.
 
  Tx for looking for your exits.
 
  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Brian France
  Sent: Tuesday, July 29, 2014 8:57 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  Way back machine started.
 
  Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been like
  6
 and
  8. I have no idea anymore what RMDS version we had.
 
  There were exits in RMDS that we utilized with ACF2. They would take
  the
 report
  name ( the one you see when you're in RMDS, not the data set name
  ) and pass it to the exit were we would make a data set like call to
  grant
 access. We
  had to write code utilizing the sample exit to do this.
  Think we placed standard HLQ  on the report name when we built the
  data
 set like
  call to write rules against.
 
  There was a sign on exit as well.
 
  I looked for my exits but alas I musta cleaned house when RMDS went
  the
 way of
  the dino here...
 
 
  On 7/29/2014 8:27 AM, Roff, Donna wrote:
   Thanks Koluso and Lizette
  
   Ive gone through the manuals already and cant seem to find what I
need.
  
   We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and ACF2
   is
 V15.
  
   This is the problem which we just recently discovered after decades:
  
   The RMDS administrator does set up something to determine who can
   browse
  which reports.  However, once you get into DISPLAY mode on a report,
 theres a
  whole series of commands available - CAP, COLS, F(IND) etc.  Fairly
 inoculous.
  However, there is also an ERASE command, which does not seem to have
  any restriction on it.
  
   This is on the report level, not the dsname level.  A user that does
   not
 have ACF2
  authority to delete the vsam cluster corresponding to the report can
  still
 delete the
  report by issuing ERASE. The report is no longer viewable and  When
  the
 PURGE
  jobs runs, PURGE deletes the cluster.
  
   Ive been working with both IBM and CA on this but to no avail.  It
   seems
 that once
  in RMDS, ACF2 is out of the picture.  So I think this has to be
  controlled
 within
  RMDS.  But we cant figure out how.
  
   Thanks,
   Donna
  
   -Original Message-
   From: IBM Mainframe Discussion List
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Sri h Kolusu
   Sent: Monday, July 28, 2014 3:31 PM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS
  
   May be this will help
  
   Chapter 16 in Administration Guide
  
   http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNA3000
  
   or this one
  
   http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNC3000
  
  
   Kolusu
  
   IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu wrote on
   07/28/2014 12:08:10 PM:
  
   From: Roff, Donna dr...@fisa.nyc.gov
   To: IBM-MAIN@listserv.ua.edu
   Date: 07/28/2014 12:19 PM
   Subject: RMDS
   Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu
  
   Hi,
  
   Is anyone here familiar with RMDS (Report Management Distribution
   System) ?
   We have a question about security on one of the RMDS commands
   available against a report.  ACF2 protects the MVS datasets but
   this is for the actual report.
  
   (This is my first post.  I don't know if I need to put any
   introduction.)
   Thanks,
   Donna

Re: RMDS

2014-07-29 Thread Roff, Donna

Through VTAM
Donna

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Lizette Koehler
Sent: Tuesday, July 29, 2014 10:01 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

I forgot to ask how you access RMDS.

Is it through
CICS
ISPF
VTAM
OTHER???

Lizette

 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 6:48 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS

 You may need to contract an assembler programmer if you are not
comfortable
 with Assembler and system exits.

 What you would want is if the ERASE command is entered, to trap it,
probably
 validate to see if that person is authorized and if they are not
authorized, send back
 a message along those lines.  Otherwise allow the command.

 I am surprised IBM does not have sample exits that you could work with.

 I do not remember if the panels were part of RMDS or if they were ISPF
Panels
 invoked by RMDS.  If they are ISPF Panels you might be able to put
something in
 the panel process to trap ERASE and action accordingly.

 Lizette

  -Original Message-
  From: IBM Mainframe Discussion List 
  [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 6:30 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  HI Brian
  Thanks.

  This , this is a very old product.  Even IBM is not able to offer 
  much
 advice.

  We have an exit that just covers sign on.

  I would like to perhaps just disable that RMDS command  - ERASE -
 completely for
  either all or most users.  Within RMDS even, not ACF2.  The RMDS
 administrator
  controls access through RMDS.  But access seems to be all or 
  nothing, if
 you can
  view it, you can erase it.

  Tx for looking for your exits.

  -Original Message-
  From: IBM Mainframe Discussion List 
  [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Brian France
  Sent: Tuesday, July 29, 2014 8:57 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  Way back machine started.

  Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been 
  like
  6
 and
  8. I have no idea anymore what RMDS version we had.

  There were exits in RMDS that we utilized with ACF2. They would take 
  the
 report
  name ( the one you see when you're in RMDS, not the data set name
  ) and pass it to the exit were we would make a data set like call to 
  grant
 access. We
  had to write code utilizing the sample exit to do this.
  Think we placed standard HLQ  on the report name when we built the 
  data
 set like
  call to write rules against.

  There was a sign on exit as well.

  I looked for my exits but alas I musta cleaned house when RMDS went 
  the
 way of
  the dino here...

  On 7/29/2014 8:27 AM, Roff, Donna wrote:
   Thanks Koluso and Lizette

   Ive gone through the manuals already and cant seem to find what I
need.

   We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and 
   ACF2 is
 V15.

   This is the problem which we just recently discovered after decades:

   The RMDS administrator does set up something to determine who can 
   browse
  which reports.  However, once you get into DISPLAY mode on a report,
 theres a
  whole series of commands available - CAP, COLS, F(IND) etc.  Fairly
 inoculous.
  However, there is also an ERASE command, which does not seem to have 
  any restriction on it.

   This is on the report level, not the dsname level.  A user that 
   does not
 have ACF2
  authority to delete the vsam cluster corresponding to the report can 
  still
 delete the
  report by issuing ERASE. The report is no longer viewable and  When 
  the
 PURGE
  jobs runs, PURGE deletes the cluster.

   Ive been working with both IBM and CA on this but to no avail.  It 
   seems
 that once
  in RMDS, ACF2 is out of the picture.  So I think this has to be 
  controlled
 within
  RMDS.  But we cant figure out how.

   Thanks,
   Donna

   -Original Message-
   From: IBM Mainframe Discussion List 
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Sri h Kolusu
   Sent: Monday, July 28, 2014 3:31 PM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS

   May be this will help

   Chapter 16 in Administration Guide

   http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNA300
   0

   or this one

   http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNC300
   0

   Kolusu

   IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu wrote on
   07/28/2014 12:08:10 PM:

   From: Roff, Donna dr...@fisa.nyc.gov
   To: IBM-MAIN@listserv.ua.edu
   Date: 07/28/2014 12:19 PM
   Subject: RMDS
   Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu

   Hi,

   Is anyone here familiar with RMDS (Report Management Distribution
   System) ?
   We have a question about security on one of the RMDS commands

Re: RMDS

2014-07-29 Thread Lizette Koehler

IN the manual it states

AUTHERASSpecifies the authorization level for the  ERASE and
RESTORE commands.
 A|ALTER 
 U|UPDATE

Perhaps you can see if your users have ALTER or UPDATE authority on the
report/dsn.  In the manual Report Management and Distribution System
Administration Guide Version 2 Release 3 Document Number S544-5395-00   

Note: The RMDS default is to define report owners as having UPDATE
authority, but system options are available to allow you to specify what
access should be used to define report owners (AUTHOWNR) and to define the
authority to issue ERASE commands (AUTHERAS).


   The viewer region and report distribution facility user IDs need
only READ access, for those cases where the job or started task user ID does
not match the user IDs accessing reports.


So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a different
levels and only give that level to those allowed to erase reports.

Lizette


 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 7:01 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 I forgot to ask how you access RMDS.
 
 Is it through
 CICS
 ISPF
 VTAM
 OTHER???
 
 Lizette
 
 
  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Lizette Koehler
  Sent: Tuesday, July 29, 2014 6:48 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  You may need to contract an assembler programmer if you are not
 comfortable
  with Assembler and system exits.
 
  What you would want is if the ERASE command is entered, to trap it,
 probably
  validate to see if that person is authorized and if they are not
 authorized, send back
  a message along those lines.  Otherwise allow the command.
 
  I am surprised IBM does not have sample exits that you could work with.
 
  I do not remember if the panels were part of RMDS or if they were ISPF
 Panels
  invoked by RMDS.  If they are ISPF Panels you might be able to put
 something in
  the panel process to trap ERASE and action accordingly.
 
  Lizette
 
 
   -Original Message-
   From: IBM Mainframe Discussion List
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Roff, Donna
   Sent: Tuesday, July 29, 2014 6:30 AM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS
  
   HI Brian
   Thanks.
  
   This , this is a very old product.  Even IBM is not able to offer
   much
  advice.
  
   We have an exit that just covers sign on.
  
   I would like to perhaps just disable that RMDS command  - ERASE -
  completely for
   either all or most users.  Within RMDS even, not ACF2.  The RMDS
  administrator
   controls access through RMDS.  But access seems to be all or
   nothing, if
  you can
   view it, you can erase it.
  
   Tx for looking for your exits.
  
   -Original Message-
   From: IBM Mainframe Discussion List
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Brian France
   Sent: Tuesday, July 29, 2014 8:57 AM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS
  
   Way back machine started.
  
   Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been
   like
   6
  and
   8. I have no idea anymore what RMDS version we had.
  
   There were exits in RMDS that we utilized with ACF2. They would take
   the
  report
   name ( the one you see when you're in RMDS, not the data set name
   ) and pass it to the exit were we would make a data set like call to
   grant
  access. We
   had to write code utilizing the sample exit to do this.
   Think we placed standard HLQ  on the report name when we built the
   data
  set like
   call to write rules against.
  
   There was a sign on exit as well.
  
   I looked for my exits but alas I musta cleaned house when RMDS went
   the
  way of
   the dino here...
  
  
   On 7/29/2014 8:27 AM, Roff, Donna wrote:
Thanks Koluso and Lizette
   
Ive gone through the manuals already and cant seem to find what I
 need.
   
We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and
ACF2 is
  V15.
   
This is the problem which we just recently discovered after decades:
   
The RMDS administrator does set up something to determine who can
browse
   which reports.  However, once you get into DISPLAY mode on a report,
  theres a
   whole series of commands available - CAP, COLS, F(IND) etc.  Fairly
  inoculous.
   However, there is also an ERASE command, which does not seem to have
   any restriction on it.
   
This is on the report level, not the dsname level.  A user that
does not
  have ACF2
   authority to delete the vsam cluster corresponding to the report can
   still
  delete the
   report by issuing ERASE. The report is no longer viewable and  When
   the
  PURGE
   jobs runs, PURGE deletes the cluster.
   
Ive been working with both IBM and CA on this but to no avail.  It
seems
  that once
   in RMDS, ACF2

Re: RMDS

2014-07-29 Thread Roff, Donna

Hi Lizette,
I had changed this AUTHERAS option form UPDATE to ALTER  and it didn't make a 
difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Lizette Koehler
Sent: Tuesday, July 29, 2014 10:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

IN the manual it states

AUTHERASSpecifies the authorization level for the  ERASE and
RESTORE commands.
 A|ALTER 
 U|UPDATE

Perhaps you can see if your users have ALTER or UPDATE authority on the 
report/dsn.  In the manual Report Management and Distribution System
Administration Guide Version 2 Release 3 Document Number S544-5395-00   

Note: The RMDS default is to define report owners as having UPDATE authority, 
but system options are available to allow you to specify what access should be 
used to define report owners (AUTHOWNR) and to define the authority to issue 
ERASE commands (AUTHERAS).

   The viewer region and report distribution facility user IDs need 
only READ access, for those cases where the job or started task user ID does 
not match the user IDs accessing reports.

So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a different levels 
and only give that level to those allowed to erase reports.

Lizette

 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 7:01 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS

 I forgot to ask how you access RMDS.

 Is it through
 CICS
 ISPF
 VTAM
 OTHER???

 Lizette

  -Original Message-
  From: IBM Mainframe Discussion List 
  [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Lizette Koehler
  Sent: Tuesday, July 29, 2014 6:48 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  You may need to contract an assembler programmer if you are not
 comfortable
  with Assembler and system exits.

  What you would want is if the ERASE command is entered, to trap it,
 probably
  validate to see if that person is authorized and if they are not
 authorized, send back
  a message along those lines.  Otherwise allow the command.

  I am surprised IBM does not have sample exits that you could work with.

  I do not remember if the panels were part of RMDS or if they were 
  ISPF
 Panels
  invoked by RMDS.  If they are ISPF Panels you might be able to put
 something in
  the panel process to trap ERASE and action accordingly.

  Lizette

   -Original Message-
   From: IBM Mainframe Discussion List 
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Roff, Donna
   Sent: Tuesday, July 29, 2014 6:30 AM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS

   HI Brian
   Thanks.

   This , this is a very old product.  Even IBM is not able to offer 
   much
  advice.

   We have an exit that just covers sign on.

   I would like to perhaps just disable that RMDS command  - ERASE -
  completely for
   either all or most users.  Within RMDS even, not ACF2.  The RMDS
  administrator
   controls access through RMDS.  But access seems to be all or 
   nothing, if
  you can
   view it, you can erase it.

   Tx for looking for your exits.

   -Original Message-
   From: IBM Mainframe Discussion List 
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Brian France
   Sent: Tuesday, July 29, 2014 8:57 AM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS

   Way back machine started.

   Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been 
   like
   6
  and
   8. I have no idea anymore what RMDS version we had.

   There were exits in RMDS that we utilized with ACF2. They would 
   take the
  report
   name ( the one you see when you're in RMDS, not the data set name
   ) and pass it to the exit were we would make a data set like call 
   to grant
  access. We
   had to write code utilizing the sample exit to do this.
   Think we placed standard HLQ  on the report name when we built the 
   data
  set like
   call to write rules against.

   There was a sign on exit as well.

   I looked for my exits but alas I musta cleaned house when RMDS 
   went the
  way of
   the dino here...

   On 7/29/2014 8:27 AM, Roff, Donna wrote:
Thanks Koluso and Lizette

Ive gone through the manuals already and cant seem to find what 
I
 need.

We are z/OS 1.13, RMDS is 2.3 (this hasn't changed in eons) and
ACF2 is
  V15.

This is the problem which we just recently discovered after decades:

The RMDS administrator does set up something to determine who 
can browse
   which reports.  However, once you get into DISPLAY mode on a 
   report,
  theres a
   whole series of commands available - CAP, COLS, F(IND) etc.  
   Fairly
  inoculous.
   However, there is also an ERASE command, which does not seem to 
   have any restriction

Re: RMDS

2014-07-29 Thread Roff, Donna

Also, I couldn't figure out what the RMDS definitions for ALTER and UPDATE are. 
  The description for AUTHOWNR in the manual is like the description for 
AUTHERAS


AUTHOWNR | A|ALTER | Specifies the authorization level required| 
  |  | U|UPDATE| for a report owner. 


But both UPDATE and ALTER sound pretty significant.

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Roff, Donna
Sent: Tuesday, July 29, 2014 10:16 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

Hi Lizette,
I had changed this AUTHERAS option form UPDATE to ALTER  and it didn't make a 
difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Lizette Koehler
Sent: Tuesday, July 29, 2014 10:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

IN the manual it states

AUTHERASSpecifies the authorization level for the  ERASE and
RESTORE commands.
 A|ALTER 
 U|UPDATE

Perhaps you can see if your users have ALTER or UPDATE authority on the 
report/dsn.  In the manual Report Management and Distribution System
Administration Guide Version 2 Release 3 Document Number S544-5395-00   

Note: The RMDS default is to define report owners as having UPDATE authority, 
but system options are available to allow you to specify what access should be 
used to define report owners (AUTHOWNR) and to define the authority to issue 
ERASE commands (AUTHERAS).


   The viewer region and report distribution facility user IDs need 
only READ access, for those cases where the job or started task user ID does 
not match the user IDs accessing reports.


So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a different levels 
and only give that level to those allowed to erase reports.

Lizette


 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 7:01 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 I forgot to ask how you access RMDS.
 
 Is it through
 CICS
 ISPF
 VTAM
 OTHER???
 
 Lizette
 
 
  -Original Message-
  From: IBM Mainframe Discussion List 
  [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Lizette Koehler
  Sent: Tuesday, July 29, 2014 6:48 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  You may need to contract an assembler programmer if you are not
 comfortable
  with Assembler and system exits.
 
  What you would want is if the ERASE command is entered, to trap it,
 probably
  validate to see if that person is authorized and if they are not
 authorized, send back
  a message along those lines.  Otherwise allow the command.
 
  I am surprised IBM does not have sample exits that you could work with.
 
  I do not remember if the panels were part of RMDS or if they were 
  ISPF
 Panels
  invoked by RMDS.  If they are ISPF Panels you might be able to put
 something in
  the panel process to trap ERASE and action accordingly.
 
  Lizette
 
 
   -Original Message-
   From: IBM Mainframe Discussion List 
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Roff, Donna
   Sent: Tuesday, July 29, 2014 6:30 AM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS
  
   HI Brian
   Thanks.
  
   This , this is a very old product.  Even IBM is not able to offer 
   much
  advice.
  
   We have an exit that just covers sign on.
  
   I would like to perhaps just disable that RMDS command  - ERASE -
  completely for
   either all or most users.  Within RMDS even, not ACF2.  The RMDS
  administrator
   controls access through RMDS.  But access seems to be all or 
   nothing, if
  you can
   view it, you can erase it.
  
   Tx for looking for your exits.
  
   -Original Message-
   From: IBM Mainframe Discussion List 
   [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Brian France
   Sent: Tuesday, July 29, 2014 8:57 AM
   To: IBM-MAIN@LISTSERV.UA.EDU
   Subject: Re: RMDS
  
   Way back machine started.
  
   Once upon a time we ran RMDS with ACF2. ACF2 versions woulda been 
   like
   6
  and
   8. I have no idea anymore what RMDS version we had.
  
   There were exits in RMDS that we utilized with ACF2. They would 
   take the
  report
   name ( the one you see when you're in RMDS, not the data set name
   ) and pass it to the exit were we would make a data set like call 
   to grant
  access. We
   had to write code utilizing the sample exit to do this.
   Think we placed standard HLQ  on the report name when we built the 
   data
  set like
   call to write rules against.
  
   There was a sign on exit as well.
  
   I looked for my exits but alas I musta cleaned house when RMDS 
   went the
  way of
   the dino here...
  
  
   On 7/29/2014 8:27 AM, Roff, Donna wrote:
Thanks Koluso and Lizette
   
Ive gone through the manuals already and cant seem

Re: RMDS

2014-07-29 Thread Lizette Koehler

So, the problem with ERASE?
Is it too many users have ERASE?  Just from a brief look at the manuals, it
looks like that normal users would just need READ.

And I am going to guess here.

Unless both the AUTHOWNR and AUTHERAS are the same for the user, they would
not have the ability to erase.

I have not used RMDS in over 15 years.  So I am really fuzzy on how it
works.  And I am not sure why IBM cannot help.  I do not know it the product
is off support or not.

Has your management started discussions on moving to a better supported
product?

Lizette



 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 7:30 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Also, I couldn't figure out what the RMDS definitions for ALTER and UPDATE
are.
 The description for AUTHOWNR in the manual is like the description for
 AUTHERAS
 
 
 AUTHOWNR | A|ALTER | Specifies the authorization level required|
   |  | U|UPDATE| for a report owner.
 
 
 But both UPDATE and ALTER sound pretty significant.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 10:16 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Hi Lizette,
 I had changed this AUTHERAS option form UPDATE to ALTER  and it didn't
make
 a difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 10:13 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 IN the manual it states
 
 AUTHERASSpecifies the authorization level for the  ERASE and
 RESTORE commands.
  A|ALTER
  U|UPDATE
 
 Perhaps you can see if your users have ALTER or UPDATE authority on the
 report/dsn.  In the manual Report Management and Distribution System
 Administration Guide Version 2 Release 3 Document Number S544-5395-00
 
 Note: The RMDS default is to define report owners as having UPDATE
authority,
 but system options are available to allow you to specify what access
should be used
 to define report owners (AUTHOWNR) and to define the authority to issue
ERASE
 commands (AUTHERAS).
 
 
The viewer region and report distribution facility user IDs
need only READ
 access, for those cases where the job or started task user ID does not
match the
 user IDs accessing reports.
 
 
 So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a
 different levels and only give that level to those allowed to erase
reports.
 
 Lizette
 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Roff, Donna

Lizette,
I think everybody has ERASE authority.  AUTHOWNR and AUTHERAS are system 
options so wouldn't that be global?

I don't know why IBM cant help either. Sigh.  As far as I know it is still on 
support.

If that's the case, I suppose I could initiate a Request for Enhancement.  I 
know they would just love this for this vestigial product.

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Lizette Koehler
Sent: Tuesday, July 29, 2014 10:35 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

So, the problem with ERASE?
Is it too many users have ERASE?  Just from a brief look at the manuals, it 
looks like that normal users would just need READ.

And I am going to guess here.

Unless both the AUTHOWNR and AUTHERAS are the same for the user, they would not 
have the ability to erase.

I have not used RMDS in over 15 years.  So I am really fuzzy on how it works.  
And I am not sure why IBM cannot help.  I do not know it the product is off 
support or not.

Has your management started discussions on moving to a better supported product?

Lizette



 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 7:30 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Also, I couldn't figure out what the RMDS definitions for ALTER and 
 UPDATE
are.
 The description for AUTHOWNR in the manual is like the description for 
 AUTHERAS
 
 
 AUTHOWNR | A|ALTER | Specifies the authorization level required|
   |  | U|UPDATE| for a report owner.
 
 
 But both UPDATE and ALTER sound pretty significant.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 10:16 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Hi Lizette,
 I had changed this AUTHERAS option form UPDATE to ALTER  and it didn't
make
 a difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 10:13 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 IN the manual it states
 
 AUTHERASSpecifies the authorization level for the  ERASE and
 RESTORE commands.
  A|ALTER
  U|UPDATE
 
 Perhaps you can see if your users have ALTER or UPDATE authority on 
 the report/dsn.  In the manual Report Management and Distribution 
 System Administration Guide Version 2 Release 3 Document Number 
 S544-5395-00
 
 Note: The RMDS default is to define report owners as having UPDATE
authority,
 but system options are available to allow you to specify what access
should be used
 to define report owners (AUTHOWNR) and to define the authority to 
 issue
ERASE
 commands (AUTHERAS).
 
 
The viewer region and report distribution facility user IDs
need only READ
 access, for those cases where the job or started task user ID does not
match the
 user IDs accessing reports.
 
 
 So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a 
 different levels and only give that level to those allowed to erase
reports.
 
 Lizette
 

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Lizette Koehler

Or if you could try this.

Normal user would have READ access to the REPORT/dsn.

An owner would have either ALTER or UPDATE on the REPORT/DSN (just a guess)

So if a user had READ access then AUTHOWNR or AUTHERAS would not be involved

If they user had ALTER or UPDATE access the AUTHOWNR or AUTHERAS would be
involved.

I would take that question to IBM.  

How to get everyone to be a reader of reports, not be allowed to access
other reports they are not supposed to.  And how does AUTHOWNR and AUTHERAS
get involved.

It could be you still have to code the exit DBNUXSEC

Lizette


 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 7:41 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Lizette,
 I think everybody has ERASE authority.  AUTHOWNR and AUTHERAS are
 system options so wouldn't that be global?
 
 I don't know why IBM cant help either. Sigh.  As far as I know it is still
on support.
 
 If that's the case, I suppose I could initiate a Request for Enhancement.
I know they
 would just love this for this vestigial product.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 10:35 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 So, the problem with ERASE?
 Is it too many users have ERASE?  Just from a brief look at the manuals,
it looks
 like that normal users would just need READ.
 
 And I am going to guess here.
 
 Unless both the AUTHOWNR and AUTHERAS are the same for the user, they
 would not have the ability to erase.
 
 I have not used RMDS in over 15 years.  So I am really fuzzy on how it
works.  And
 I am not sure why IBM cannot help.  I do not know it the product is off
support or
 not.
 
 Has your management started discussions on moving to a better supported
 product?
 
 Lizette
 
 
 
  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 7:30 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  Also, I couldn't figure out what the RMDS definitions for ALTER and
  UPDATE
 are.
  The description for AUTHOWNR in the manual is like the description for
  AUTHERAS
 
 
  AUTHOWNR | A|ALTER | Specifies the authorization level required|
|  | U|UPDATE| for a report owner.
 
 
  But both UPDATE and ALTER sound pretty significant.
 
  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 10:16 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  Hi Lizette,
  I had changed this AUTHERAS option form UPDATE to ALTER  and it didn't
 make
  a difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.
 
  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Lizette Koehler
  Sent: Tuesday, July 29, 2014 10:13 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS
 
  IN the manual it states
 
  AUTHERASSpecifies the authorization level for the  ERASE and
  RESTORE commands.
   A|ALTER
   U|UPDATE
 
  Perhaps you can see if your users have ALTER or UPDATE authority on
  the report/dsn.  In the manual Report Management and Distribution
  System Administration Guide Version 2 Release 3 Document Number
  S544-5395-00
 
  Note: The RMDS default is to define report owners as having UPDATE
 authority,
  but system options are available to allow you to specify what access
 should be used
  to define report owners (AUTHOWNR) and to define the authority to
  issue
 ERASE
  commands (AUTHERAS).
 
 
 The viewer region and report distribution facility user IDs
 need only READ
  access, for those cases where the job or started task user ID does not
 match the
  user IDs accessing reports.
 
 
  So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a
  different levels and only give that level to those allowed to erase
 reports.
 
  Lizette
 
 
 --
 For IBM-MAIN subscribe / signoff / archive access instructions, send email
to
 lists...@listserv.ua.edu with the message: INFO IBM-MAIN
 
 --
 For IBM-MAIN subscribe / signoff / archive access instructions, send email
to
 lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Roff, Donna

Hi Lizette,
Actually, I was looking at a F2 (General help) as opposed to F1 (Help) in RMDS 
and see the following:
--- COMMANDS FOR OWNERS OF REPORTS -
ERASE   
  - FLAGS THE REPORT FOR DELETION   
RESTORE 
  - MAKES AN ERASED REPORT ACCESSIBLE AGAIN (EFFECTIVE ONLY IF ISSUED   
WHILE STILL VIEWING A REPORT ON WHICH ERASE WAS ISSUED) 


So it looks like ERASE is just for OWNERS.  So I do have to see how the 
administrator has defined the Owners and reports.




-Original Message-
From: Roff, Donna 
Sent: Tuesday, July 29, 2014 10:41 AM
To: 'IBM Mainframe Discussion List'
Subject: RE: RMDS

Lizette,
I think everybody has ERASE authority.  AUTHOWNR and AUTHERAS are system 
options so wouldn't that be global?

I don't know why IBM cant help either. Sigh.  As far as I know it is still on 
support.

If that's the case, I suppose I could initiate a Request for Enhancement.  I 
know they would just love this for this vestigial product.

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Lizette Koehler
Sent: Tuesday, July 29, 2014 10:35 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

So, the problem with ERASE?
Is it too many users have ERASE?  Just from a brief look at the manuals, it 
looks like that normal users would just need READ.

And I am going to guess here.

Unless both the AUTHOWNR and AUTHERAS are the same for the user, they would not 
have the ability to erase.

I have not used RMDS in over 15 years.  So I am really fuzzy on how it works.  
And I am not sure why IBM cannot help.  I do not know it the product is off 
support or not.

Has your management started discussions on moving to a better supported product?

Lizette



 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 7:30 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Also, I couldn't figure out what the RMDS definitions for ALTER and 
 UPDATE
are.
 The description for AUTHOWNR in the manual is like the description for 
 AUTHERAS
 
 
 AUTHOWNR | A|ALTER | Specifies the authorization level required|
   |  | U|UPDATE| for a report owner.
 
 
 But both UPDATE and ALTER sound pretty significant.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 10:16 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 Hi Lizette,
 I had changed this AUTHERAS option form UPDATE to ALTER  and it didn't
make
 a difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.
 
 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 10:13 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS
 
 IN the manual it states
 
 AUTHERASSpecifies the authorization level for the  ERASE and
 RESTORE commands.
  A|ALTER
  U|UPDATE
 
 Perhaps you can see if your users have ALTER or UPDATE authority on 
 the report/dsn.  In the manual Report Management and Distribution 
 System Administration Guide Version 2 Release 3 Document Number
 S544-5395-00
 
 Note: The RMDS default is to define report owners as having UPDATE
authority,
 but system options are available to allow you to specify what access
should be used
 to define report owners (AUTHOWNR) and to define the authority to 
 issue
ERASE
 commands (AUTHERAS).
 
 
The viewer region and report distribution facility user IDs
need only READ
 access, for those cases where the job or started task user ID does not
match the
 user IDs accessing reports.
 
 
 So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a 
 different levels and only give that level to those allowed to erase
reports.
 
 Lizette
 

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Lizette Koehler

Good luck

Lizette

 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 9:34 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS

 Hi Lizette,
 Actually, I was looking at a F2 (General help) as opposed to F1 (Help) in
RMDS and
 see the following:
 --- COMMANDS FOR OWNERS OF REPORTS -
 ERASE
   - FLAGS THE REPORT FOR DELETION
 RESTORE
   - MAKES AN ERASED REPORT ACCESSIBLE AGAIN (EFFECTIVE ONLY IF
 ISSUED
 WHILE STILL VIEWING A REPORT ON WHICH ERASE WAS ISSUED)

 So it looks like ERASE is just for OWNERS.  So I do have to see how the
 administrator has defined the Owners and reports.

 -Original Message-
 From: Roff, Donna
 Sent: Tuesday, July 29, 2014 10:41 AM
 To: 'IBM Mainframe Discussion List'
 Subject: RE: RMDS

 Lizette,
 I think everybody has ERASE authority.  AUTHOWNR and AUTHERAS are
 system options so wouldn't that be global?

 I don't know why IBM cant help either. Sigh.  As far as I know it is still
on support.

 If that's the case, I suppose I could initiate a Request for Enhancement.
I know they
 would just love this for this vestigial product.

 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
 Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 10:35 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS

 So, the problem with ERASE?
 Is it too many users have ERASE?  Just from a brief look at the manuals,
it looks
 like that normal users would just need READ.

 And I am going to guess here.

 Unless both the AUTHOWNR and AUTHERAS are the same for the user, they
 would not have the ability to erase.

 I have not used RMDS in over 15 years.  So I am really fuzzy on how it
works.  And
 I am not sure why IBM cannot help.  I do not know it the product is off
support or
 not.

 Has your management started discussions on moving to a better supported
 product?

 Lizette

  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 7:30 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  Also, I couldn't figure out what the RMDS definitions for ALTER and
  UPDATE
 are.
  The description for AUTHOWNR in the manual is like the description for
  AUTHERAS

  AUTHOWNR | A|ALTER | Specifies the authorization level required|
|  | U|UPDATE| for a report owner.

  But both UPDATE and ALTER sound pretty significant.

  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 10:16 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  Hi Lizette,
  I had changed this AUTHERAS option form UPDATE to ALTER  and it didn't
 make
  a difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.

  -Original Message-
  From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
  On Behalf Of Lizette Koehler
  Sent: Tuesday, July 29, 2014 10:13 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  IN the manual it states

  AUTHERASSpecifies the authorization level for the  ERASE and
  RESTORE commands.
   A|ALTER
   U|UPDATE

  Perhaps you can see if your users have ALTER or UPDATE authority on
  the report/dsn.  In the manual Report Management and Distribution
  System Administration Guide Version 2 Release 3 Document Number
  S544-5395-00

  Note: The RMDS default is to define report owners as having UPDATE
 authority,
  but system options are available to allow you to specify what access
 should be used
  to define report owners (AUTHOWNR) and to define the authority to
  issue
 ERASE
  commands (AUTHERAS).

 The viewer region and report distribution facility user IDs
 need only READ
  access, for those cases where the job or started task user ID does not
 match the
  user IDs accessing reports.

  So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a
  different levels and only give that level to those allowed to erase
 reports.

  Lizette

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-29 Thread Roff, Donna

Thank you for your input. I will keep you updated.

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Lizette Koehler
Sent: Tuesday, July 29, 2014 12:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: RMDS

Good luck

Lizette

 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Roff, Donna
 Sent: Tuesday, July 29, 2014 9:34 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS

 Hi Lizette,
 Actually, I was looking at a F2 (General help) as opposed to F1 (Help) 
 in
RMDS and
 see the following:
 --- COMMANDS FOR OWNERS OF REPORTS 
 - ERASE
   - FLAGS THE REPORT FOR DELETION
 RESTORE
   - MAKES AN ERASED REPORT ACCESSIBLE AGAIN (EFFECTIVE ONLY IF ISSUED
 WHILE STILL VIEWING A REPORT ON WHICH ERASE WAS ISSUED)

 So it looks like ERASE is just for OWNERS.  So I do have to see how 
 the administrator has defined the Owners and reports.

 -Original Message-
 From: Roff, Donna
 Sent: Tuesday, July 29, 2014 10:41 AM
 To: 'IBM Mainframe Discussion List'
 Subject: RE: RMDS

 Lizette,
 I think everybody has ERASE authority.  AUTHOWNR and AUTHERAS are 
 system options so wouldn't that be global?

 I don't know why IBM cant help either. Sigh.  As far as I know it is 
 still
on support.

 If that's the case, I suppose I could initiate a Request for Enhancement.
I know they
 would just love this for this vestigial product.

 -Original Message-
 From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] 
 On Behalf Of Lizette Koehler
 Sent: Tuesday, July 29, 2014 10:35 AM
 To: IBM-MAIN@LISTSERV.UA.EDU
 Subject: Re: RMDS

 So, the problem with ERASE?
 Is it too many users have ERASE?  Just from a brief look at the 
 manuals,
it looks
 like that normal users would just need READ.

 And I am going to guess here.

 Unless both the AUTHOWNR and AUTHERAS are the same for the user, they 
 would not have the ability to erase.

 I have not used RMDS in over 15 years.  So I am really fuzzy on how it
works.  And
 I am not sure why IBM cannot help.  I do not know it the product is 
 off
support or
 not.

 Has your management started discussions on moving to a better 
 supported product?

 Lizette

  -Original Message-
  From: IBM Mainframe Discussion List 
  [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 7:30 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  Also, I couldn't figure out what the RMDS definitions for ALTER and 
  UPDATE
 are.
  The description for AUTHOWNR in the manual is like the description 
  for AUTHERAS

  AUTHOWNR | A|ALTER | Specifies the authorization level required|
|  | U|UPDATE| for a report owner.

  But both UPDATE and ALTER sound pretty significant.

  -Original Message-
  From: IBM Mainframe Discussion List 
  [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Roff, Donna
  Sent: Tuesday, July 29, 2014 10:16 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  Hi Lizette,
  I had changed this AUTHERAS option form UPDATE to ALTER  and it 
  didn't
 make
  a difference.  Let me refresh what I did,  if anything,  with AUTHOWNR.

  -Original Message-
  From: IBM Mainframe Discussion List 
  [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Lizette Koehler
  Sent: Tuesday, July 29, 2014 10:13 AM
  To: IBM-MAIN@LISTSERV.UA.EDU
  Subject: Re: RMDS

  IN the manual it states

  AUTHERASSpecifies the authorization level for the  ERASE and
  RESTORE commands.
   A|ALTER
   U|UPDATE

  Perhaps you can see if your users have ALTER or UPDATE authority on 
  the report/dsn.  In the manual Report Management and Distribution 
  System Administration Guide Version 2 Release 3 Document Number
  S544-5395-00

  Note: The RMDS default is to define report owners as having UPDATE
 authority,
  but system options are available to allow you to specify what access
 should be used
  to define report owners (AUTHOWNR) and to define the authority to 
  issue
 ERASE
  commands (AUTHERAS).

 The viewer region and report distribution facility user 
  IDs
 need only READ
  access, for those cases where the job or started task user ID does 
  not
 match the
  user IDs accessing reports.

  So maybe you can change the DEFINE AUTHERAS and AUTHOWNR to a 
  different levels and only give that level to those allowed to erase
 reports.

  Lizette

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-28 Thread Lizette Koehler

No introduction needed. And welcome
What version ofz/OS.  ;RMDS and ACF2

Just post with enough info so we can understand the question.

Lizette 


-Original Message-
From: Roff, Donna dr...@fisa.nyc.gov
Sent: Jul 28, 2014 12:08 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: RMDS

Hi,

Is anyone here familiar with RMDS (Report Management Distribution System) ?
We have a question about security on one of the RMDS commands available 
against a report.  ACF2 protects the MVS datasets but this is for the actual 
report.

(This is my first post.  I don't know if I need to put any introduction.)

Thanks,
Donna

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS

2014-07-28 Thread Sri h Kolusu

May be this will help

Chapter 16 in Administration Guide

http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNA3000

or this one

http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DBNC3000


Kolusu

IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu wrote on 
07/28/2014 12:08:10 PM:

 From: Roff, Donna dr...@fisa.nyc.gov
 To: IBM-MAIN@listserv.ua.edu
 Date: 07/28/2014 12:19 PM
 Subject: RMDS
 Sent by: IBM Mainframe Discussion List IBM-MAIN@listserv.ua.edu
 
 Hi,
 
 Is anyone here familiar with RMDS (Report Management Distribution 
System) ?
 We have a question about security on one of the RMDS commands 
 available against a report.  ACF2 protects the MVS datasets but this
 is for the actual report.
 
 (This is my first post.  I don't know if I need to put any 
introduction.)
 
 Thanks,
 Donna
 
 --
 For IBM-MAIN subscribe / signoff / archive access instructions,
 send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: RMDS for reporting on Mainframe

Re: RMDS for reporting on Mainframe

Re: RMDS for reporting on Mainframe

Re: RMDS for reporting on Mainframe

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

Re: RMDS

21 matches

Site Navigation

Mail list logo

Footer information