TCPIP STC not displayed within SYSVIEW
search cancel

TCPIP STC not displayed within SYSVIEW

book

Article ID: 384501

calendar_today

Updated On:

Products

SYSVIEW Performance Management

Issue/Introduction

Trying to view the TCPIP STC under SYSVIEW product. 
One userid can see TCPIP STC, the other one userid2 cannot. 

Could that be related to external security with RACF, TOP SECRET or ACF2? 

 

Environment

SYSVIEW 17.0 - z/OS supported releases - 

Resolution

Implementing External Security (SAF): 

Enabling External Security in SYSVIEW is controlled by defining a SAF Entity Class in the External Security Section of an Internal  Security Group.

This allows for the possibility of turning on  External Security for some users, but not others. The default  SAF Class is NONE, meaning that no SAF calls are made. Even though External Security may be in use, users will still be assigned to an Internal Security Group that will be used to determine External Security settings.

The control access using SAF can be done with the JTYP entity (JTYP - Control Job Access Based on Job Type). 

The JTYP entity controls access to jobs based on job type.

The JTYP entity has the following format:

SV.JTYP.system.qualifier.jobtype  

The control access using SAF can be done with the USER entity (USER - Control Job Access Based on User ID)

USER - Control Job Access Based on User ID
The USER entity controls access to jobs based on the user ID value for the job.
If the USER entity checks allow access, then all other job name checks are skipped. The USER entity is the first check when a SAF job name (JOBN) call is made.

The USER entity has the following format:

SV.USER.system.qualifier.userid  

In case of problems, enabling the WARN mode can be useful to find the problem: 

WARN mode provides a means to trace SAF calls being made when External Security is enabled.

WARN mode can be enabled by permitting access to:
 
    SV.WARN.<smfid>.<entity_type>
 
    to trace only specific entity type calls, or by granting access to:
 
    SV.WARN.<smfid>.*
 
    to trace all SAF calls made by the user. 

 

 

Additional Information