RACF to ACF2 conversion for setting up GDPS GUI v4.5
search cancel

RACF to ACF2 conversion for setting up GDPS GUI v4.5

book

Article ID: 260343

calendar_today

Updated On:

Products

ACF2 - z/OS

Issue/Introduction

RACF to ACF2 conversions are needed for setting up GDPS GUI V4.5.

 

Environment

Release : 16.0

Resolution

RACF to ACF2 conversions are shown in blue below.

RDEF STARTED BBGZANGL.* UACC(NONE) STDATA(USER(ANGLUSR) GROUP(WASGRP) PRIVILEGED(NO) TRUSTED(NO) TRACE(YES))
RDEF STARTED GEOSRV1.* UACC(NONE) STDATA(USER(GEOUSR1) GROUP(WASGRP) PRIVILEGED(NO) TRUSTED(NO) TRACE(YES))
RDEF SERVER BBG.ANGEL UACC(NONE)
*There are no ACF2 counterpart for RDEF as everything is protected by default* 


PERMIT BBG.ANGEL CLASS(SERVER) ACCESS(READ) ID(GEOUSR1)
SET T(ser) -->Verify what type code resource class SERVER is mapped to by issuing SHOW CLASMAP command and change it accordingly 
RECKEY BBG ADD( ANGEL SERVICE(READ) UID(uid of GEOUSR1) ALLOW)

RDEF SERVER BBG.ANGEL.namedAngelName UACC(NONE) 
* No ACF2 counterpart*
PERMIT BBG.ANGEL.namedAngelName CLASS(SERVER) ACCESS(READ) ID(GEOUSR1)
SET T(ser) -->Verify what type code resource class SERVER as explained above
RECKEY BBG ADD( ANGEL.namedAngelName SERVICE(READ) UID(uid of GEOUSR1) ALLOW)

RDEF SERVER BBG.AUTHMOD.BBGZSAFM UACC(NONE)
* No ACF2 counterpart*
PERMIT BBG.AUTHMOD.BBGZSAFM CLASS(SERVER) ACCESS(READ) ID(GEOUSR1)
SET T(ser) -->Verify what type code resource class SERVER as explained above
RECKEY BBG ADD( AUTHMOD.BBGZSAF SERVICE(READ) UID(uid of GEOUSR1) ALLOW)

RDEF SERVER BBG.AUTHMOD.BBGZSAFM.SAFCRED UACC(NONE)
* No ACF2 counterpart*
PERMIT BBG.AUTHMOD.BBGZSAFM.SAFCRED CLASS(SERVER) ACCESS(READ) ID(GEOUSR1)
SET T(ser) -->Verify what type code resource class SERVER as explained above
RECKEY BBG ADD( AUTHMOD.BBGZSAFM.SAFCRED SRVICE(READ) UID(uid of GEOUSR1) ALLOW)

RDEF SERVER BBG.AUTHMOD.BBGZSCFM UACC(NONE)
* No ACF2 counterpart*
PERMIT BBG.AUTHMOD.BBGZSCFM CLASS(SERVER) ACCESS(READ) ID(GEOUSR1)
SET T(ser) -->Verify what type code resource class SERVER as explained above
RECKEY BBG ADD( AUTHMOD.BBGZSCFM SERVICE(READ) UID(uid of GEOUSR1) ALLOW)

RDEF SERVER BBG.AUTHMOD.BBGZSCFM.WOLA UACC(NONE)
* No ACF2 counterpart*
PERMIT BBG.AUTHMOD.BBGZSCFM.WOLA CLASS(SERVER) ACCESS(READ) ID(GEOUSR1)
SET T(ser) -->Verify what type code resource class SERVER as explained above
RECKEY BBG ADD( AUTHMOD.BBGZSCFM.WOLA SERVICE(READ) UID(uid of GEOUSR1) ALLOW)

-Define the BBGZDFLT profile in the APPL class:
RDEFINE APPL BBGZDFLT UACC(NONE) OWNER(SYS1)
SETR RACLIST(APPL) REFRESH
* No ACF2 counterpart*
-Grant the users that will connect to the GDP GUI or API read access to it:
PERMIT BBGZDFLT CLASS(APPL) ACCESS(READ) ID(unauth_ID)
SET T(apl) -->Verify what type code resource class APPL is mapped to 
RECKEY BBGZDFLT ADD( - SERVICE(READ) UID(unauth_ID) ALLOW)

-Define the BBG.SECPFX.BBGZDFLT in the SERVER class and permit read access for the user ID of the Liberty server started task:
RDEFINE SERVER BBG.SECPFX.BBGZDFLT UACC(NONE)
* No ACF2 counterpart*
PERMIT BBG.SECPFX.BBGZDFLT CLASS(SERVER) ACCESS(READ) ID(GEOUSR1)
SET T(ser) -->Verify what type code resource class SERVER as explained above
RECKEY BBG ADD( ECPFX.BBGZDFLTA SERVICE(READ) UID(uid of GEOUSR1) ALLOW)

You will need to issue the following REBUILD commands if the directories are resident on your systems.

F ACF2,REBUILD(ser)
F ACF2,REBUILD(apl)

Powered by Wolken Software