ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Top Secret command equivalent for RACF's "Protected" attribute


Article ID: 103008


Updated On:


Top Secret Top Secret - LDAP


Is there a Top Secret command equivalent for RACF's "Protected" attribute?


Component: TSSMVS


There is no Top Secret equivalent for RACF's "Protected" attribute 
We do have OPTIONS(4) setting along with SOURCE restriction available. 
OPTION 4 is will let started task run in the STC facility without the 
requirement to signon with a password. Everywhere else it will be required to 
signon with a password. BUT, if you dont give the password out to anyone, 
they will not be able to signon with it anywhere else. 

CA Top Secret is security check driven. So if a aignon security check 
is issued at the point of entry with the IP address, CA Top Secret 
can restrict entry via SOURCE keyword. SOURCE controls which terminals 
or IP addresses an acid can signon to. But the key is, the IP address 
must be provided at the signon, if not, CA Top Secret cannot enforce 
the SOURCE restriction. Please see the Command Functions Guide for 
more details about the SOURCE keyword/restriction.