search cancel

Does ACF2 RECKEY ADD subcommand validate duplicate entries within subsequent NEXTKEYs?

book

Article ID: 190029

calendar_today

Updated On:

Products

ACF2 ACF2 - z/OS

Issue/Introduction

Using the RECKEY ADD command to add user id access to ACF2 resource keys.  But in scenarios where access
is provided for an ID within a NEXTKEY of the resource, RECKEY ADD on the primary key does not reflect it as a duplicate.
Please advise if this is the nature how it works.


Example : 

ABCD KEY :
$KEY(ABCD) TYPE(CKP)
UID(*) NEXTKEY(ABCDNXT1)


ABCDNXT1 KEY:

$KEY(ABCDNXT1) TYPE(CKP)
$PREFIX(ABCD)
UID(ABCDEFG) ALLOW 


RECKEY ADD : 

SET RES(CKP)
RECKEY ABCD ADD(UID(ABCDEFG) ALLOW)


This inserts a rule line in rule ABCD and does not validate the NEXTKEY.

Environment

Release : 16.0
Component : CA ACF2 for z/OS

Resolution

ACF2 RECKEY processing is expected in that the RECKEY will not check for duplicate
entries within the NEXTKEY rules. 

This was consistent with ACF2 rule definitions using PGM=ACFBCOMP and COMPILE
of the primary $KEY and the duplicate was not noted if within the NEXTKEY rule.