Why a TSS administrator can only administer to certain acids and not others.
A TSS administrator is trying to cloning accounts that have an OMVS Segment.
Currently our TSS administrator with Zone access cannot clone these accounts and receives a:
TSS0352E ACID NOT OWNED WITHIN SCOPE
but our admin accounts with central access can clone these accounts.
Is there a way to allow our zone admin accounts access to create an account that has an OMVS segment."
Release: TOPSEC00200-15-Top Secret-Security
SCA type administrators have scope over everyone. It can administer to any acid on the security file.
A Zone should be able to clone the accounts assuming that accounts fall under their scope.
The type of TSS admin determines an admins scope over other acids.
Example a DCA type TSS admin is a department type admin. They can only modify those acid that are in its own department which is their scope.
A VCA or Division type administrator has more scope. There are many departments that fall under a Division. A VCA can only administer to those acids that are in departments under the Division.
Zone type admins have many Divisions under its scope. It can only administer to those acids for those Divisions.
Please see the following doc regarding scope.