search cancel

ACF2,a large number of ACC-CNT updates from one logon?

book

Article ID: 202482

calendar_today

Updated On:

Products

ACF2 ACF2 - z/OS ACF2 - MISC

Issue/Introduction

When using a IBM product called IDZ  IBM Development Tool for z/OS  and when the user just does a connect and logon the security admin noticed that the ACC-CNT count jumps by 20+.  What updates the ACC-CNT field of a logonid?

 

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

ACF2 updates the ACC-CNT field any time a system entry validation is done. To verify how the logonid is being used, add the logonid MON-LOG bit field to the user logonid in question, have the user connect and logon and then run the ACFRPTPW report to see the jobname, submitter, source and program that drove the system entry validation for that logonid. 

To turn on the MON-LOG bit field from TSO, ACF:

ACF
CHANGE logonid MON-LOG

Sample ACFRPTPW report JCL:

//REPORT  EXEC PGM=ACFRPTPW                     
//SYSPRINT DD SYSOUT=*                          
//RECMAN1  DD DISP=SHR,DSN=SYS1.MAN1            
//RECMAN2  DD DISP=SHR,DSN=SYS1.MAN2            
//RECMAN3  DD DISP=SHR,DSN=SYS1.MAN3            
//SYSIN    DD *                                 
TITLE(ACFRPTPW)                                 
/*