ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

ACF2 resource rule question about what kind of access does ALLOW give?

book

Article ID: 185911

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC LDAP SERVER FOR Z/OS PAM CLIENT FOR LINUX ON MAINFRAME WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

When assigning access to a General Resource Rule, if you assign ALLOW access, what kind of access does ALLOW give?  

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

When specifying ALLOW on a resource rule it will give access to what is specified in the SERVICE value. If no SERVICE keyword is specified, all services are the default. So in effect, if SERVICE is not specified the user is granted access to READ, ADD, UPDATE, DELETE, EXECUTE.

Additional Information

Please see documentation for further guidance https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/administrating/administer-rules/resource-rules/resource-rule-entries.html