CA Top Secret Equivalents To the RACF Commands To Define/Permit New Authorization Profiles To The $OMEGZOS Class
Article ID: 132587
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
Please define authorization profiles to the "$OMEGZOS" class as described by (RACF samples):
RDEFINE $OMEGZOS KOBUI.ADMIN.LISTUSERS UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.TRACE.** UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.MEMBER.WRITE.** UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.PREFS.AUTOUPDATE UACC(NONE)
RDEFINE $OMEGZOS KOBUI.USER.COMMAND.** UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.USEHUB.** UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.DEFINEHISTORY.** UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.KILLUSER UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.SITEDITOR UACC(NONE)
RDEFINE $OMEGZOS KOBUI.ADMIN.OBJECTEDITOR UACC(NONE)
RDEFINE $OMEGZOS O4SRV.** UACC(NONE)
RDEFINE $OMEGZOS SYSTEM.** UACC(NONE)
SETROPTS RACLIST($OMEGZOS) REFRESH
Afterwards, please authorize ID to these profiles.
PERMIT KOBUI.ADMIN.LISTUSERS ID(user) ACCESS(READ) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.TRACE.** ID(user) ACCESS(READ) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.MEMBER.WRITE.** ID(user) ACCESS(UPDATE) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.PREFS.AUTOUPDATE ID(user) ACCESS(READ) CLASS($OMEGZOS)
PERMIT KOBUI.USER.COMMAND.** ID(user) ACCESS(UPDATE) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.USEHUB.** ID(user) ACCESS(READ) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.DEFINEHISTORY.** ID(user) ACCESS(UPDATE) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.KILLUSER ID(user) ACCESS(UPDATE) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.SITEDITOR ID(user) ACCESS(UPDATE) CLASS($OMEGZOS)
PERMIT KOBUI.ADMIN.OBJECTEDITOR ID(user) ACCESS(UPDATE) CLASS($OMEGZOS)
PERMIT O4SRV.** ID(user) ACCESS(READ) CLASS($OMEGZOS)
PERMIT SYSTEM.** ID(user) ACCESS(READ) CLASS($OMEGZOS)
Environment
Release:
Component: TSSMVS
Component: TSSMVS
Resolution
TSS Equivalent
TSS ADD(dept) $OMEGZOS(KOBUI.ADMIN.) Or, if you prefer, you can do: TSS ADD(dept) $OMEGZOS(KOBUI.)
TSS ADD(dept) $OMEGZOS(O4SRV.)
TSS ADD(dept) $OMEGZOS(SYSTEM.)
where 'dept' is the department ACID to own the resources
For the PERMITs:
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.LISTUSERS) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.TRACE.) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.MEMBER.WRITE.) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.PREFS.AUTOUPDATE) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.USER.COMMAND.) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.USEHUB.) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.DEFINEHISTORY.) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.KILLUSER) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.SITEDITOR) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.OBJECTEDITOR) ACC(UPDATE)
TSS PER(user) $OMEGZOS(O4SRV.) ACC(READ)
TSS PER(user) $OMEGZOS(SYSTEM.) ACC(READ)
TSS ADD(dept) $OMEGZOS(KOBUI.ADMIN.) Or, if you prefer, you can do: TSS ADD(dept) $OMEGZOS(KOBUI.)
TSS ADD(dept) $OMEGZOS(O4SRV.)
TSS ADD(dept) $OMEGZOS(SYSTEM.)
where 'dept' is the department ACID to own the resources
For the PERMITs:
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.LISTUSERS) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.TRACE.) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.MEMBER.WRITE.) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.PREFS.AUTOUPDATE) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.USER.COMMAND.) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.USEHUB.) ACC(READ)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.DEFINEHISTORY.) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.KILLUSER) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.SITEDITOR) ACC(UPDATE)
TSS PER(user) $OMEGZOS(KOBUI.ADMIN.OBJECTEDITOR) ACC(UPDATE)
TSS PER(user) $OMEGZOS(O4SRV.) ACC(READ)
TSS PER(user) $OMEGZOS(SYSTEM.) ACC(READ)
Feedback
Yes
No
Powered by
