Have one of SCA which resigned from the bank, this SCA admin a lot of Profiles and Facilities, if we remove this SCA then the Profiles and Facilities will be gone, and will cause a lot of problems. Really want to remove this SCA acid, and need to know how to transfer the ADMIN BY of this SCA acid to other first before remove this SCA acid.
Release : 3.0, 16.0
Answer:
You don't transfer it's a Control Option so any Sec Admin doing a create, permit, add....ect will show who (what ACID) issued the command
example:
TSS ADD(acid) FAC(facname)
then
TSS LIST(acid)....will show who issued the command and when they did it
FACILITY = facname
ADMIN BY= BY(acid ) SMFID(xxxx) ON(mm/dd/yyyy) AT(hh:mm:ss)
ADMINBY—Record Administration Information
If you have the ADMINBY control option set, there will be ADMINBY
information stored when an ACID is CREATEd, when FACILITY is ADDed,
and when resources are PERMITTed. when you list the profile, the
ADMINBY information will include:
* Administrative ACID who performed the change
* Date, time and system SMFID where the change was performed
To see if you have the ADMINBY control option set, you can issue
TSS MODIFY and look for ADMINBY(YES). (If you see ADMINBY(NO), then
this is not set.)
******************************************************************************************
Answer:
Profile and Facilities Should not cause problem, Profiles are normally Owned by a Department .
If they want to be safe just they can create a new acid for the replacement.
TSS CRE(new SCA) USING(old SCA) NAME('new name') pass(xxx) ect....
They need to determine why the SCA needed all the Profile and Facilities, list out the Profiles and see who owns them and what other ACIDS are attached.
Was this client's job only to be a Sec Admin or was this a side job and the client also had another job and the Profile and Facilities were needed for that second job...they need to investigate.
TSS LIS(PROF) DATA(ALL)
example this shows only 1 SCA has it notice DEPT ACID = CMGR3DPT OWNS it:
ACCESSORID = NNNNN NAME = CMGR ADMIN PROFILE
TYPE = PROFILE SIZE = 512 BYTES
DEPT ACID = NNNNNN DEPARTMENT = NNNN DEPARTMENT
CREATED = 09/08/14 17:23 LAST MOD = 09/08/14 17:23
XA DTUTIL = CM3MUF. OWNER(NNNNNNNT)
ACCESS = ALL
XA DTADMIN = NNNNN. OWNER(NNNNNN)
ACCESS = ALL
XA DATASET = your dsname here OWNER(NNNNNN )
ACCESS = READ
XA DATASET =your dsname here OWNER(LDAP3DPT)
ACCESS = ALL
XA DATASET = your dsname here. OWNER(LDAP3DPT)
ACCESS = ALL
XA DATASET = your dsname here OWNER(LDAP3DPT)
ACCESS = READ
XA DCTABLE = NNNNNN. OWNER(LDAP3DPT)
ACCESS = ALL
ACIDS = NNNNN -SC
TSS0300I LIST FUNCTION SUCCESSFUL