Best Practices:PERMIT To PROFILE Or Directly To ACID In Top Secret
Article ID: 100664
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
What is the best way to authorize a user to DSN(CFZSRV)?
Environment
Release:
Component: TSSMVS
Component: TSSMVS
Resolution
This can be achieved by one of the following:
1. PERMIT the dataset to the user's acid.
2. Add a PROFILE ACID to the user that has been PERMITted to DSN(CFZSRV).
3. Give the user the NODSNCHK and NOVOLCHK bypass attributes which is total overkill since it gives the user access to every dataset and volume. This is not a best practice. Auditors frown up on this.
The best practices would be to permit the dataset to a PROFILE and then attach the PROFILE to the user.
Permitting the dataset directly to the user's acid is also acceptable. It's just a matter of choice.
1. PERMIT the dataset to the user's acid.
2. Add a PROFILE ACID to the user that has been PERMITted to DSN(CFZSRV).
3. Give the user the NODSNCHK and NOVOLCHK bypass attributes which is total overkill since it gives the user access to every dataset and volume. This is not a best practice. Auditors frown up on this.
The best practices would be to permit the dataset to a PROFILE and then attach the PROFILE to the user.
Permitting the dataset directly to the user's acid is also acceptable. It's just a matter of choice.
Feedback
Yes
No
Powered by
