Is it possible to control the system command through SOLVE or Netmaster region ?
search cancel

Is it possible to control the system command through SOLVE or Netmaster region ?

book

Article ID: 45783

calendar_today

Updated On:

Products

CMDB for z/OS NetSpy Network Performance NetMaster Network Automation SOLVE NetMaster Network Management for SNA NetMaster Network Management for TCP/IP NetMaster File Transfer Management SOLVE:Operations Automation SOLVE:Access Session Management SOLVE:FTS

Issue/Introduction

Is it possible to control the system command through SOLVE or Netmaster region ?

 

 

Environment

Release: SLOPFC00200-12.1-NetMaster-File Transfer Management
Component:

Resolution

Answer :


A system command can be submitted through SYSCMD ocs command from a SOLVE or Netmaster region.
This command like others OCS commands are not controlled by the security exit (Full or Partial) relevant to the first level of security.
The control of OCS commands are part of the second level of security.
For this purpose, it is possible to control SYSCMD by either one of the two following methods :

1. NPF (Network Partitioning Facility)
This feature can be implemented to control access to an ocs command, system command, menu, resource, database, ...
When the NPF is implemented for the system command, it is possible to specify which system command is allowed or not allowed.

 

  1. SYSCMD ncl procedure
    The SYSCMD is set with the command replacement through SYSPARM CMDREPL by default. When the SYSPARM CMDREPL is effective for SYSCMD, the SYSCMD NCL procedure is executed first before invoking the SYSCMD command. A sample of SYSCMD is provided in hlq.CC2DEXEC library to enhance security in OCS windows.
    The command replacement for SYSCMD is specified through the parameter group $NM CMDREPLS to get the permanent assignment.

 

Note : The System Command is always under the control of OPERCMDS security profile set for the user by the security system.

 

 

Additional Information

The complete description can be found from CA Solve:Operations Automation Security Guide 11.9 - Chapter 6 : Implementing Resource-Level security - Controlling Access to Functions and Resources by Using NPF.