ACF2 Scope for LID gets NOT AUTHORIZED TO LIST THIS LOGONID RECORD msg with LIST logonid
search cancel

ACF2 Scope for LID gets NOT AUTHORIZED TO LIST THIS LOGONID RECORD msg with LIST logonid

book

Article ID: 189901

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC LDAP SERVER FOR Z/OS PAM CLIENT FOR LINUX ON MAINFRAME WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

Setting up a scope list for a user to maintain profiles and userids. Scope list UID(IZPT-) INF(RIZP-)    
TSO, ACF, LIST of logonid gets: NOT AUTHORIZED TO LIST THIS LOGONID RECORD  

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

When using a SCOPE record the UID and LID need to be specified together:

UID
Specifies the one to 24-character UID or UID mask to be placed in the scope of the logonid. You must also specify a LID entry to permit access to the Logonid database.

LID
Specifies logonids or logonid masks that the scoped logonid can create, list, alter, or delete. You must also specify a UID entry to permit access to records in the Logonid database.

Typically if you specify a UID, you can specify LID(-). You can either add LID(-) or LID(CSI-) and the SCOPE record should work. After making any change to a SCOPE record be sure to issue the 'F ACF2,REBUILD(SCP),CLASS(S)'