ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Can Roles in ACF2 have USERS and ROLES specified together?

book

Article ID: 143568

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC

Issue/Introduction

Is it possible to create a group that contains both other roles AND users?

this is a user:  CPOSRV               ASPDSTC         CPOSRV   CPOSRV TASK ACID  

this is a role:  DEV**** / SWASIS LAST CHANGED BY DXF125 ON 20/01/20-16:35     
                     INCLUDE(DPM701 MXG120 NBV343 SXR056) ROLE

If a group role record is inserted will it look for CPOSRV and SWASIS as lids or roles?

INS CPOQUERY INCLUDE(CPOSRV SWASIS)  GROUP

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

A group role record cannot be created to include both users and roles.

  • ROLE indicates that the record defines a group of users.
  • GROUP indicates that the record defines a group of roles. Specify GROUP only when you want to define an X ROL record that includes other X ROL records.

If the role record is specified as a group record it assumes all includes are role records, not users.

In the example, all the users in the SWASIS role would be included plus anyone in the CPOSRV role. The user CPOSRV would not be included unless it was included in the CPOSRV role.