Is there a recommended ACF2 GSO SAFDEF for the product IAM?
search cancel

Is there a recommended ACF2 GSO SAFDEF for the product IAM?

book

Article ID: 13652

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction



Is there a recommended ACF2 GSO SAFDEF for the product IAM?

Environment

Release:
Component: ACF2MS

Resolution

The IAM file opens are not picked up by the ACF2 open intercept so the SAF AUTH call from SVC019 is being ignored so no validations will be validated essentially no security for IAM file opens. Adding the SAFDEF that will force the validations if they are issued by IAM. 

ACF
SET C(GSO)
INSERT SAFDEF.IAM MODE(GLOBAL) ID(IAM) RB(SVC019) -
RACROUTE(REQUEST= AUTH CLASS=DATASET REQSTOR=IAMAVSOC) REP
F ACF2,REFRESH(SAFDEF) 

After adding the above SAFDEF ACF2 dataset access rules will be needed to IAM file opens.

Powered by Wolken Software