Is it possible to control the system command through SOLVE or NetMaster region ?
Article ID: 45783
Updated On:
Products
NetMaster Network Automation
SOLVE
NetMaster Network Management for SNA
NetMaster Network Management for TCP/IP
NetMaster File Transfer Management
SOLVE:Operations Automation
SOLVE:Access Session Management
SOLVE:FTS
Issue/Introduction
Is it possible to control the system command through SOLVE or NetMaster region ?
Resolution
A system command can be submitted through SYSCMD OCS command from a SOLVE or NetMaster region.
This command like others OCS commands are not controlled by the security exit (Full or Partial) relevant to the first level of security.
The control of OCS commands are part of the second level of security.
For this purpose, it is possible to control SYSCMD by either one of the two following methods :
- NPF (Network Partitioning Facility)
This feature can be implemented to control access to an ocs command, system command, menu, resource, database, ...
When the NPF is implemented for the system command, it is possible to specify which system command is allowed or not allowed. - SYSCMD ncl procedure
The SYSCMD is set with the command replacement through SYSPARM CMDREPL by default. When the SYSPARM CMDREPL is effective for SYSCMD, the SYSCMD NCL procedure is executed first before invoking the SYSCMD command. A sample of SYSCMD is provided in hlq.CC2DEXEC library to enhance security in OCS windows.
The command replacement for SYSCMD is specified through the parameter group $NM CMDREPLS to get the permanent assignment.
Note : The System Command is always under the control of OPERCMDS security profile set for the user by the security system.
Additional Information
Feedback
Yes
No
Powered by
