Convert z/OSMF 2.3 Member IZUNASEC RACF To Top Secret Equivalent TSS Commands
Article ID: 129709
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
Convert z/OSMF RACF member IZUNASEC to the Top Secret command equivalent.
Environment
Release:
Component: TSSMVS
Component: TSSMVS
Resolution
//IZUNASEC JOB MSGCLASS=C,MSGLEVEL=(1,1),USER=XXXXXXX,NOTIFY=XXXXXXX
//STEP1 EXEC PGM=IKJEFT01,DYNAMNBR=99
//SYSPRINT DD SYSOUT=*
//SYSTSPRT DD SYSOUT=*
//SYSTSIN DD *
/* */
/* Begin "zERT Network Analyzer" Setup */
/* */
/* Profile Definitions for "zERT Network Analyzer" */
RDEFINE ZMFAPLA IZUDFLT.ZOSMF.ZERT_NETWORK_ANALYZER +
UACC(NONE)
/* */
/* Create the zERT Network Analyzer group */
/* */
ADDGROUP IZUZNA OMVS(AUTOGID)
PERMIT IZUDFLT CLASS(APPL) ID(IZUZNA) ACCESS(READ)
PERMIT IZUDFLT.*.izuUsers CLASS(EJBROLE) ID(IZUZNA) ACCESS(READ)
PERMIT IZUDFLT.ZOSMF CLASS(ZMFAPLA) ID(IZUZNA) ACCESS(READ)
PERMIT IZUDFLT.ZOSMF.ZERT_NETWORK_ANALYZER CLASS(ZMFAPLA) +
ID(IZUZNA) ACCESS(READ)
TSS CREATE(IZUZNA) NAME('zERT Network Analyzer Profile') TYPE(PROFILE) DEPT(deptacid)
TSS CREATE(IZUZNAGP) NAME('zERT Network Analyzer Group') TYPE(GROUP) DEPT(deptacid)
TSS ADD(IZUZNAGP) GID(?)
TSS ADD(owningacid) APPL(IZUDFLT)
TSS ADD(owningacid) EJBROLE(IZUDFLT)
TSS ADD(owningacid) ZMFAPLA(IZUDFLT)
TSS PER(IZUZNA) APPL(IZUDFLT) ACC(READ)
TSS PER(IZUZNA) EJBROLE(PERMIT IZUDFLT.*.izuUsers)ACC(READ)
TSS PER(IZUZNA) ZMFAPLA(IZUDFLT.ZOSMF) ACC(READ)
TSS PER(IZUZNA) ZMFAPLA(IZUDFLT.ZOSMF.ZERT_NETWORK_ANALYZER) ACC(READ)
/* */
/* End Create the zERT Network Analyzer group */
/* */
/* */
/* Assign administrator privileges to IZUSVR */
/* */
RDEFINE EJBROLE +
IZUDFLT.com.ibm.ws.management.security.resource.Administrator +
UACC(NONE)
PERMIT +
IZUDFLT.com.ibm.ws.management.security.resource.Administrator +
CLASS(EJBROLE) ID(IZUSVR) ACCESS(READ)
TSS PER(IZUSVR) EJBROLE(IZUDFLT.com.ibm.ws.management.security.resource.Administrator) ACC(READ)
/* */
/* End Assign administrator privileges to IZUSVR */
/* */
/* Connect the users of the zERT Network Analyzer to the */
/* zERT Network Analyzer group */
/* CONNECT USERID GROUP(IZUZNA) */
/* TSS ADD(acid) GROUP(IZUZNAGP) PROFILE(IZUZNA)
/* End connect the users to zERT Network Analyzer group */
/* Need to REFRESH these classes for Roles */
SETROPTS RACLIST(APPL) REFRESH
SETROPTS RACLIST(ZMFAPLA) REFRESH
SETROPTS RACLIST(EJBROLE) REFRESH
*No equivalent and not need in TSS.
/* */
/* End "zERT Network Analyzer" Setup */
/* */
/*
//STEP1 EXEC PGM=IKJEFT01,DYNAMNBR=99
//SYSPRINT DD SYSOUT=*
//SYSTSPRT DD SYSOUT=*
//SYSTSIN DD *
/* */
/* Begin "zERT Network Analyzer" Setup */
/* */
/* Profile Definitions for "zERT Network Analyzer" */
RDEFINE ZMFAPLA IZUDFLT.ZOSMF.ZERT_NETWORK_ANALYZER +
UACC(NONE)
/* */
/* Create the zERT Network Analyzer group */
/* */
ADDGROUP IZUZNA OMVS(AUTOGID)
PERMIT IZUDFLT CLASS(APPL) ID(IZUZNA) ACCESS(READ)
PERMIT IZUDFLT.*.izuUsers CLASS(EJBROLE) ID(IZUZNA) ACCESS(READ)
PERMIT IZUDFLT.ZOSMF CLASS(ZMFAPLA) ID(IZUZNA) ACCESS(READ)
PERMIT IZUDFLT.ZOSMF.ZERT_NETWORK_ANALYZER CLASS(ZMFAPLA) +
ID(IZUZNA) ACCESS(READ)
TSS CREATE(IZUZNA) NAME('zERT Network Analyzer Profile') TYPE(PROFILE) DEPT(deptacid)
TSS CREATE(IZUZNAGP) NAME('zERT Network Analyzer Group') TYPE(GROUP) DEPT(deptacid)
TSS ADD(IZUZNAGP) GID(?)
TSS ADD(owningacid) APPL(IZUDFLT)
TSS ADD(owningacid) EJBROLE(IZUDFLT)
TSS ADD(owningacid) ZMFAPLA(IZUDFLT)
TSS PER(IZUZNA) APPL(IZUDFLT) ACC(READ)
TSS PER(IZUZNA) EJBROLE(PERMIT IZUDFLT.*.izuUsers)ACC(READ)
TSS PER(IZUZNA) ZMFAPLA(IZUDFLT.ZOSMF) ACC(READ)
TSS PER(IZUZNA) ZMFAPLA(IZUDFLT.ZOSMF.ZERT_NETWORK_ANALYZER) ACC(READ)
/* */
/* End Create the zERT Network Analyzer group */
/* */
/* */
/* Assign administrator privileges to IZUSVR */
/* */
RDEFINE EJBROLE +
IZUDFLT.com.ibm.ws.management.security.resource.Administrator +
UACC(NONE)
PERMIT +
IZUDFLT.com.ibm.ws.management.security.resource.Administrator +
CLASS(EJBROLE) ID(IZUSVR) ACCESS(READ)
TSS PER(IZUSVR) EJBROLE(IZUDFLT.com.ibm.ws.management.security.resource.Administrator) ACC(READ)
/* */
/* End Assign administrator privileges to IZUSVR */
/* */
/* Connect the users of the zERT Network Analyzer to the */
/* zERT Network Analyzer group */
/* CONNECT USERID GROUP(IZUZNA) */
/* TSS ADD(acid) GROUP(IZUZNAGP) PROFILE(IZUZNA)
/* End connect the users to zERT Network Analyzer group */
/* Need to REFRESH these classes for Roles */
SETROPTS RACLIST(APPL) REFRESH
SETROPTS RACLIST(ZMFAPLA) REFRESH
SETROPTS RACLIST(EJBROLE) REFRESH
*No equivalent and not need in TSS.
/* */
/* End "zERT Network Analyzer" Setup */
/* */
/*
Feedback
Yes
No
Powered by
