Designated jobs and online users (or profiles) can be restricted to enter the system from designated terminals and readers. This is source of origin security. Adding SOURCE to a profile affects all users attached to that profile.
Source restriction is always checked during signon.
To restrict a user to a specified terminal/reader, enter the command:
TSS ADDTO(acid) SOURCE(terminalID/reader)
Examples: grant access by source of origin
This example restricts USER01 to signing on from terminal TESTNY002 only:
TSS ADDTO(USER01) SOURCE(TESTNY002)
Terminal TESTNY002 does not have to be defined to Top Secret to be a source. However, if the specified terminal is a protected resource, be sure the user is permitted to access it:
TSS PERMIT(USER01) TERMINAL(TESTNY002)
A source of origin restriction overrides TERMINAL authorization. If USER01 has a source restriction of TESTNY002 and USER01 is permitted to access terminal TESTNY999 as shown above, an attempt by USER01 to sign on from TESTNY999 results in a security violation.