Accessing the same DB2TABLE resource with the same DB2 batch processing, the access results vary depending on the user.
- PERMIT definition of DB2TABLE resource;
----------------------------------------------------------------------------
TSS WHOH DB2DBASE(ddddddd)
DB2DBASE = ddddddd OWNER(dept )
XAUTH = ddddddd ACID(aaaaa )
ACCESS = NONE
FAC = DSN1B
ACTION = FAIL
- Comparison of TSSUTIL report results;
DATE TIME SYSI ACCESSOR JOBNAME FFM VC PROGRAM R-ACCESS A-ACCESS SRC/DRC SEC RESOURCE (TYPE & NAME) JOBID TERMINA
-------- -------- ---- -------- -------- --- -- -------- -------- -------- ------- --- ---------------------------- ------- -------
20/08/31 17:52:41 ssss acid1 jjjjjjjj 3 F 01 DSNECP10 DROP NONE *08*-97 OPN ? ddddddd J030252 INTRDR
20/08/31 17:52:41 ssss acid1 jjjjjjjj 3 F 02 DSNECP10 CRETS NONE *08*-97 78 ? ddddddd J030252 INTRDR
20/08/31 17:52:42 ssss acid1 jjjjjjjj 3 F 03 DSNECP10 CRETAB NONE *08*-97 78 ? ddddddd J030252 INTRDR
20/08/31 17:52:43 ssss acid1 jjjjjjjj 3 F 04 DSNUTILB IMAGCOPY NONE *08*-97 78 ? ddddddd J030252 INTRDR
20/08/31 17:52:44 ssss acid1 jjjjjjjj 3 F 05 DSNUTILB STATS NONE *08*-97 78 ? ddddddd J030252 INTRDR
20/08/31 17:52:44 ssss acid1 jjjjjjjj 3 F 06 DSNUTILB REORG NONE *08*-97 78 ? ddddddd J030252 INTRDR
20/08/31 17:52:46 ssss acid1 jjjjjjjj 3 F 07 DSNUTILB IMAGCOPY NONE *08*-97 78 ? ddddddd J030252 INTRDR
20/08/31 17:52:48 ssss acid1 jjjjjjjj 3 F 17 DSNUTILB RECOVDB NONE *08*-97 78 ? ddddddd J030252 INTRDR
-------- -------- ---- -------- -------- --- -- -------- -------- -------- ------- --- ---------------------------- ------- -------
20/09/01 13:38:13 ssss acid2 jjjjjjjj B W IKJEFF04 OK VFX T030573 INTRDR
20/09/01 13:38:13 ssss acid2 jjjjjjjj B W HOSCNVT PSCHK=NO SIGNON OK INI NAME=name
20/09/01 13:38:13 ssss acid2 jjjjjjjj B W HOSCNVT OK TRM
20/09/01 13:38:13 ssss acid2 jjjjjjjj B W IEFIIC PSCHK=NO SIGNON OK INI NAME=name J030574 INTRDR
20/09/01 13:38:13 ssss acid2 jjjjjjjj B W IEFIIC OK TRM J030574 INTRDR
20/09/01 13:38:13 ssss acid2 jjjjjjjj B W IEFIIC PSCHK=NO SIGNON OK INI NAME=name J030574 INTRDR
20/09/01 13:38:27 ssss acid2 jjjjjjjj B W IEFIIC OK TRM J030574 INTRDR
-------- -------- ---- -------- -------- --- -- -------- -------- -------- ------- --- ---------------------------- ------- -------
Release : 16.0
Component : CA Top Secret for z/OS
Review the DSNZPARM settings. 'acid2' is defined as an INSTALL SYSADM/SYSADM2 id. That authid is not subject to any security authorization checking.
That would explain why the ID had the TSSUTIL events for signon and signoff type events.