CA ACF2 defines a maintenance logonid as one that has the MAINT privilege bit and there is an associated GSO MAINT record that defines the program, library, and logonid that make up the "maintenance" environment.

This is a powerful feature that gives the MAINT logonid access to all datasets when in the "maintenance" environment without any logging or rule validation.

To establish a maintenance environment for a logonid requires two pieces. A GSO MAINT record to describe the environment, and the specified logonid must have either the MAINT privilege.

Here is an example of how to set up a maintenance environment for HSM (from ACF mode under TSO):

1.  Create the logonid called HSMLID

SET LID

INSERT LOGONID HSMLID NAME(HSM UTILITY) RESTRICT JOB MAINT

2.  Creating the GSO MAINT record:

SET CONTROL(GSO)

INSERT MAINT.HSM LIBRARY(SYS1.LINKLIB) PGM(HSM) LOGONID(HSMLID)

F ACF2,REFRESH(MAINT)

In the above example, when a job executes program HSM from SYS1.LINKLIB, and uses logonid HSMLID, and HSMLID has the MAINT privilege, then the maintenance environment is established. If the logonid does not have MAINT, or if a different logonid is used, then the maintenance environment is not established. If the program is not from SYS1.LINKLIB, or if it is a different program, then again the maintenance environment is not established.

The important aspect of this maintenance environment is that CA ACF2 will not journal any SMF records if it determines that the correct logonid/library/program maintenance conditions have been met, and will not issue any ACF99913 violation or ACF99900 logging messages. This powerful feature is usually reserved for system maintenance functions. Examples include system backup processing, disk compression, and dataset archiving.

Consult the CA ACF2 Administrator Guide for additional information related to the MAINT logonid privilege and the GSO MAINT record.