Does ACF2 have an equivalent to the RACF LIMITED option?


Article ID: 144451


Updated On:


CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC


Getting the message : CWWKS2908W: SAF unauthenticated user WSGUEST does not have the RESTRICTED attribute set. which may be related to RACF LIMITED option/restriction.



Release : 16.0
Component : CA ACF2 for z/OS


ACF2 PTF SO08598 is required for support of the LIMITED logonid restriction. The PTF is available for download from our Broadcom Support Portal. Details on the LIMITED logonid field follows.
Specifies that a user has limited access to datasets and resources. LIMITED is the ACF2 equivalent to the RACF RESTRICTED attribute. A LIMITED user cannot access the datasets or resources if the applicable rule entry is a UID(*) ALLOW rule. Assigning LIMITED to a user also restricts access to UNIX files and directories as documented under the RSTDACC field.

Details on the logonid LIMITED field as wekk as other logonid fields can be found in section: "Logonid Record Sections and Fields" in the ACF2 documentation.