Converting CA 7 Internal Security to RACF External Security
Article ID: 128454
CA 7 Workload Automation
This article provides a basic approach to converting from CA 7 Internal Security to a External Security Product. Within CA Workload Automation SE (CA 7) is a list of Application IDs.
Application IDs are assign a number from 0 to 15 and can be correlated to commands. Commands assigned lower numbers are less restrictive than commands assigned higher numbers. For example; inquiry commands can have level 4, while utilities can have level 10. An operator is limited to commands of the application that have an assigned value (in SASSTRAN) equal to or less than the authorization level specified in the SECURITY macro for the operator. An authorization level is specified for each application that an operator can access.
Release: Component: 7
When converting to External Security, it is helpful to understand the meaning of each Application ID given to your internal security table. External Security use Resource Names as oppose to Application IDs. Normaly, the CA 7 Database Administrator assigns the application levels for internal security users. Internal Security for CA 7 requires only a CA 7 OPID, or CA 7 Userid. External security requires the use of a logon id and a password for logging into CA 7.
To corelate the internal security table to resource names normally requires the CA 7 database administrator working in concert with the external security administrator. The application ids and their description can be determine by accessing the HELP feature of CA 7. This can be accomplished by typing 'HELP' fron an online session. Once the HELP menu appears, type 'Y' next to INDEX. A list of CA 7 commands will appear in the left column and the application name is listed in the second column. You can over type the command replacing it with INDEX to get a full description of the command. The CA 7 Security Manual will have a list of the command resources and level of access.
You can also refer to the CA 7 Command Guide for a description of each command.