CEMWTO1I received for TSS MODIFY FAC(ALL) in Compliance Event Manager
search cancel

CEMWTO1I received for TSS MODIFY FAC(ALL) in Compliance Event Manager

book

Article ID: 227789

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

Received the following message from Compliance Event Manager:

CEMWTO1I ESM CHANGE DETECTED ON xxxxx BY acid ON LPAR lpar 29-OCT-2021 AT 10:00:00 RUN A CEM ESM REPORT

When issuing a:

F TSS,FAC(ALL)

The following security violations are received:                                                  

TSS7251E ACCESS DENIED TO CASECAUT <TSSCMD.ADMIN.MODIFY>

IEF196I TSS7251E ACCESS DENIED TO CASECAUT <TSSCMD.ADMIN.MODIFY>

Resolution

TSS MODIFY commands allow you to change or display Top Secret Control Options.

It is normal to want to track TSS MODIFY commands usage since it has the ability to display Top Secret configuration and make Top Secret configurations changes.

Issuing the TSS MODIFY command requires the CONSOLE attribute via:

TSS ADD(acid) CONSOLE

or a PERMIT to:

TSS PER(acid) CASECAUT(TSSCMD.ADMON.MODIFY) ACC(PRIVILEG)