I have updated the SECURITY COMMAND GROUP section to contain the entry GSVCICS A to allow all CICS commands.
That does not seem to prevent other commands from being issued, such as PRISM, LINKLIST, etc.
I see in the COMMANDS SECTION that I can set the access column to fail or allow any command and this does work without a problem.
I would like to have for example certain CICS commands and certain MVS commands be available but not all commands.
Is there another way to accomplish without having to update the access setting for each entry in the list? What is the best way to accomplish this?
Release : 16.0
Component : SYSVIEW
Note: You need to be attached to the SYSVIEW ADMIN security group in order to use the SECURITY command in SYSVIEW for the following command restrictions.
Note: All SYSVIEW commands are listed in each command group. The feature group like CICS or MVS commands are included for that feature group (i.e. Include with a value of YES). All others are marked with an include value of NO.
Scenario: The Customer creates two command groups, CICSCMDS and MVSCMDS, by copying command groups GSVCICS and GSVMVS. He would like to restrict his user to ONLY these two sets of feature commands with some of the these commands to also be restricted. If a command is not included ( i.e. Include set to NO) in either group, allow is by default set in the the Commands Section of the User Group. To allow the user to only have allow to the CICSCMDS included commands and the MVSCMDS included commands and not have access to any other commands in any other feature groups, please follow the steps documented below.
This should result in all commands NOT in the CICS or MVS command groups being failed (since they will be failed by group GSVALL) except for commands in CICSCMDS and MVSCMDS unless they are specifically marked as Fail in the Commands Section.
Any feature command groups can be Allowed without allowing all commands if this process is followed.
Additional information on SYSVIEW Security using command groups can be found at the following link: