ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Top Secret with ACTION(AUDIT) PERMIT

book

Article ID: 196572

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

How to grant access to EXTENDED ADMINISTRATION AUTHORITIES

Is there a report that will display all dataset PERMITs that have ACTION(AUDIT)

 

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

TSS PERMIT(acid) DSN(xxxx)  ACTION(ADMIN)

The ACTION(ADMIN) keyword gives the security administrator the ability to allow ACIDs 
within his scope the authority to administer resources that are not within the permitted ACID's scope. 
If an access level is not specified, Top Secret permits the default access level for that resource class.
Note: ACTION(ADMIN) is not valid for Profile type ACIDs.

 

Currently there is no report that will display add datasets that have a PERMIT with ACTION(AUDIT).

The closest thing functionality is a TSS WHOHAS for a specific dataset prefix which will show you all the PERMITs for that dataset prefix. If any of the PERMITs have ACTION(AUDIT), it will show up in the display. A user written program could be created to extract the information from the TSS WHOHAS output.

Another alternative could be to run a  TSSCFILE batch utility to dump all the permits to a dataset, then a user written program or report generating program could extract all the PERMITs with ACTION(AUDIT).