Find All LCF Rules
search cancel

Find All LCF Rules

book

Article ID: 18710

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC Easytrieve Report Generator for Common Services INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

Is there a way to find all LCF rules?

 

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component:

Resolution

Answer:

To find who has access to an LCF, run TSSCFILE during off peak hours with the following commands:

 

TSS LIST(ACIDS) DATA(LCF)       
TSS LIST(ALL) DATA(LCF)

 

Record id 2100 will contain the LCF facility (ie CICSPROD) in columns 33 through 40.
Record id 2101 will contain authorized commands (inclusive list) in columns 33 through 40, and, if more then one LCF, columns 42 through 49, 51 through 58, etc.
Record id 2102 will contain exempt commands (exclusive list) in columns 33 through 40, and, if more then one LCF, columns 42 through 49, 51 through 58, etc.

The inclusive list says only these transactions can be issued. Any acid with an inclusive list containing the transaction will have access to that

transaction. The exclusive list says any transactions but the ones in the list can be issued. If only inclusive lists exist on the ACIDs, the TSSCFILE output can be searched for the specific transaction. If there are exclusive lists, these will need to be reviewed to determine which exclusive lists do NOT contain the transaction. An EARL, SAS, or other program can be written to search the output. Note that if any 2102 record ids are in the output, those are exclusive lists.

For more information on TSSCFILE, see chapter 5 of the CA Top Secret r15 Report and Tracking Guide and member TSSCFILE in the TSS CAKOJCL0 library.

Powered by Wolken Software