search cancel

Newly defined ACF2 Roles not working for z/OS Connect

book

Article ID: 198517

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC LDAP SERVER FOR Z/OS PAM CLIENT FOR LINUX ON MAINFRAME WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

When trying to use z/OS Connect software using ACF2 role groups, the user is not being restricted from using different functions based on the role that the user is defined to. Why is this occurring?

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

ROLESETs and TGR resource rules for Supplemental groups were created correctly, but the following rebuild and refresh commands needed to be issued in order to rebuild the OMVS table and resident directories:

F ACF2,REBUILD(TGR)

F ACF2,REUBUILD(GRP),CLASS(P)

F ACF2,REBUILD(USR),CLASS(P)

F ACF2,OMVS

Once these commands were issued, the ROLESETs functioned as expected.