Re: ACF2/RACF User Appliation Logical Access

2012-01-13 Thread Chase, John
-Original Message- From: IBM Mainframe Discussion List On Behalf Of Henke, George tyvm, Seymour What we have since discovered is that the ACF2/NETMENU Session process has a side batch file non-SAF process that contains the applications specific to each user and the NETMENU session

Re: ACF2/RACF User Appliation Logical Access

2012-01-12 Thread Binyamin Dissen
Of Shmuel Metz (Seymour J.) :Sent: Saturday, January 07, 2012 5:48 PM :To: IBM-MAIN@bama.ua.edu :Subject: Re: ACF2/RACF User Appliation Logical Access : :In :04b3da7b71b3ab408ca62ba6046bcf8f23d673a...@gvw0676exc.americas.hpqcorp.net, :on 01/06/2012 : at 07:34 PM, Henke, George george.he...@hp.com

Re: ACF2/RACF User Appliation Logical Access

2012-01-12 Thread Shmuel Metz (Seymour J.)
In 04b3da7b71b3ab408ca62ba6046bcf8f23d722c...@gvw0676exc.americas.hpqcorp.net, on 01/12/2012 at 03:02 AM, Henke, George george.he...@hp.com said: What we have since discovered is that the ACF2/NETMENU Session process has a side batch file non-SAF process that contains the applications specific

Re: ACF2/RACF User Appliation Logical Access

2012-01-12 Thread Henke, George
/RACF User Appliation Logical Access In 04b3da7b71b3ab408ca62ba6046bcf8f23d722c...@gvw0676exc.americas.hpqcorp.net, on 01/12/2012 at 03:02 AM, Henke, George george.he...@hp.com said: What we have since discovered is that the ACF2/NETMENU Session process has a side batch file non-SAF process

Re: ACF2/RACF User Appliation Logical Access

2012-01-12 Thread Mark Zelden
On Thu, 12 Jan 2012 21:32:52 +, Henke, George george.he...@hp.com wrote: It looks at it in addition, either before or after (still getting the facts) going through the normal ACF2 validation process. Evidently to avoid the huge SAF call overhead of 1000's of SAF calls when 1000's of users

Re: ACF2/RACF User Appliation Logical Access

2012-01-11 Thread Henke, George
Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Shmuel Metz (Seymour J.) Sent: Saturday, January 07, 2012 5:48 PM To: IBM-MAIN@bama.ua.edu Subject: Re: ACF2/RACF User Appliation Logical Access In 04b3da7b71b3ab408ca62ba6046bcf8f23d673a...@gvw0676exc.americas.hpqcorp.net, on 01/06/2012

Re: ACF2/RACF User Appliation Logical Access

2012-01-10 Thread Hal Merritt
and good luck. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Henke, George Sent: Thursday, January 05, 2012 5:49 PM To: IBM-MAIN@bama.ua.edu Subject: ACF2/RACF User Appliation Logical Access Does anyone know how ACF2 validates a users

Re: ACF2/RACF User Appliation Logical Access

2012-01-07 Thread Shmuel Metz (Seymour J.)
In of1e657c39.6b09d6a3-on8625797d.005ea97d-8625797d.005f1...@us.ibm.com, on 01/06/2012 at 11:18 AM, Wayne Driscoll wdri...@us.ibm.com said: Based on my past experiences with ACF2, I believe that ACF2 acts as if each rule line contains, in RACF terms, as asterisk after the last character.

Re: ACF2/RACF User Appliation Logical Access

2012-01-07 Thread Shmuel Metz (Seymour J.)
In 04b3da7b71b3ab408ca62ba6046bcf8f23d673a...@gvw0676exc.americas.hpqcorp.net, on 01/06/2012 at 07:34 PM, Henke, George george.he...@hp.com said: I suspect this may be generating a separate SAF call for each application for each user and there are 1000's of users, whereas ACF2 may be

Re: ACF2/RACF User Appliation Logical Access

2012-01-06 Thread Chase, John
-Original Message- From: IBM Mainframe Discussion List On Behalf Of Henke, George Does anyone know how ACF2 validates a users access to specific applications? Recently we tried to migrate from ACF2 to RACF and were forced to fallback because ACF2 was somehow *wildcarding* a user's

Re: ACF2/RACF User Appliation Logical Access

2012-01-06 Thread Shmuel Metz (Seymour J.)
In 04b3da7b71b3ab408ca62ba6046bcf8f23d673a...@gvw0676exc.americas.hpqcorp.net, on 01/05/2012 at 11:49 PM, Henke, George george.he...@hp.com said: Does anyone know how ACF2 validates a users access to specific applications? Not without knowing how the installation has defined each. Recently

Re: ACF2/RACF User Appliation Logical Access

2012-01-06 Thread Wayne Driscoll
. === Wayne Driscoll OMEGAMON DB2 L3 Support/Development wdrisco(AT)us.ibm.com === From: Shmuel Metz (Seymour J.) shmuel+ibm-m...@patriot.net To: IBM-MAIN@bama.ua.edu Date: 01/06/2012 10:07 AM Subject: Re: ACF2/RACF User Appliation Logical

Re: ACF2/RACF User Appliation Logical Access

2012-01-06 Thread Mark Post
On 1/6/2012 at 12:18 PM, Wayne Driscoll wdri...@us.ibm.com wrote: Based on my past experiences with ACF2, I believe that ACF2 acts as if each rule line contains, in RACF terms, as asterisk after the last character. For example, if there are the following resources protected: APPL APPL1

Re: ACF2/RACF User Appliation Logical Access

2012-01-06 Thread Henke, George
PRIMARY LANGUAGE DEFAULT : ENU SECONDARY LANGUAGE DEFAULT : ENU READY END  -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Chase, John Sent: Friday, January 06, 2012 7:48 AM To: IBM-MAIN@bama.ua.edu Subject: Re: ACF2/RACF User Appliation

Re: ACF2/RACF User Appliation Logical Access

2012-01-06 Thread Mark Zelden
On Fri, 6 Jan 2012 19:34:33 +, Henke, George george.he...@hp.com wrote: Below is a list of all profiles under MENUAPPL class and our SETR list. As you will see there is a discrete profile for each application and 2 generic profiles one being **. The ** profile has a UACC(NONE) and no users

ACF2/RACF User Appliation Logical Access

2012-01-05 Thread Henke, George
Does anyone know how ACF2 validates a users access to specific applications? Recently we tried to migrate from ACF2 to RACF and were forced to fallback because ACF2 was somehow *wildcarding* a user's access to applications whereas RACF was iterating through a list of applications. The