search cancel

Does the started task CTS require the OPERATIONS attribute in RACF?


Article ID: 216337


Updated On:


TLMS Tape Management


We are reviewing our security and are questioning if CTS requires OPERATIONS attribute? 


Release : 12.6/14.0

Component : CA TLMS Tape Management


CTS does the actual scratching and uncataloging of DSN from CATTRS and online updates. CTS/TLMS address space needs to have create/delete authority to all data sets and ALTER authority all catalogs containing the tape data sets to allow the uncataloging of datasets when a volume is scratched.    


z/OS catalog management changed the way in which an entry is deleted from the OS/Catalog:

“To delete entries in a catalog, users need either ALTER authority to the data set or ALTER authority to the catalog. UPDATE is not sufficient for deleting (un-cataloging) a catalog entry. “

 The CTS STC must have ALTER authority to the OS/Catalog(s). 


1). Define  CTS into the started task table with a unique ID(CTS).     

2A). Update RACF to allow this userid(CTS) to have ALTER authority to the OS user cats.


2B). Give CTS OPERATOR authority. 


I would recommend using the 2A method in place of giving OPER authority.                                   

This will keep the OS Catalog in-sync with TLMS.