Administrative Authorities Required For TSSFAR, TSSMAINT, And TSSXTEND
search cancel

Administrative Authorities Required For TSSFAR, TSSMAINT, And TSSXTEND

book

Article ID: 48172

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

What Top Secret administrative authorities are required for TSSFAR, TSSMAINT, and TSSXTEND?

Resolution

TSSMAINT:

No administrative authority is needed for the TSSMAINT utility.

TSSXTEND:

The MSCA may run TSSXTEND. In addition, a user with one of the following authorizations may also run TSSXTEND:

  * Has USE access to the TSSUTILITY.TSSXTEND entity in the CASECAUT resource class for any function but ZAP.

  • To grant a user this level of access, an administrator can issue the following command:

               TSS PERMIT(user) CASECAUT(TSSUTILITY.TSSXTEND) ACCESS(USE)

  * Has UPDATE access to TSSUTILITY.TSSXTEND entity in the CASECAUT resource class for using the ZAP function.

  • To grant a user this level of access, an administrator can issue the following command:

               TSS PERMIT(user) CASECAUT(TSSUTILITY.TSSXTEND) ACCESS(UPDATE)

TSSFAR:

The following users may run TSSFAR:

  * The MSCA

  * A user with no administrative authority may use TSSFAR if given given USE access to entity TSSUTILITY.TSSFAR in the 
    CASECAUT resource class.

     This access may be granted by an administrator using the following command:

             TSS PERMIT(user) CASECAUT(TSSUTILITY.TSSFAR) ACCESS(USE)

             Before permitting, the resource must be owned:

             TSS ADD(dept) CASECAUT(TSSUTILITY.)

    This authority can now be used to allow users with no administrative authorities to run the following utilities:

    TSSUTIL, TSSTRACK, TSSAUDIT, TSSCHART, TSSCFILE, TSSXTEND, TSSSIM, and TSSFAR

If they have the proper authority in TSSUTILITY.utilityname in the CASECAUT resource class. SCOPE limitations for utilities like TSSUTIL, TSSTRACK, TSSCHART, TSSSIM and TSSCFILE still apply.

Access to the utilities should be restricted to the MSCA and system engineers that are responsible for things such as allocating new Top Secret files, copying the security file, and maintaining the security file. By maintaining the security file, TSSFAR has different parameters that show broken WHOHAS pointers, security file stats, ownership issues, to name a few.

Powered by Wolken Software