I am trying to setup ACF2 security for the Product TSP. Can you provide the ACF2 equivalent commands to the RACF setup commands?
search cancel

I am trying to setup ACF2 security for the Product TSP. Can you provide the ACF2 equivalent commands to the RACF setup commands?

book

Article ID: 48222

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

The r15 CA ACF2 for z/OS Administration Guide Appendix H: RACF Commands provides information on converting RACF command to ACF2 commands.

Environment

Release: ACF2..001AO-15-ACF2
Component:

Resolution

  1. Need userid, R3SP defined with no TSO segment or OMVS. The id needs to be connected to group SYS1 with Operations attribute (needs authority to rename SYS1TMP to SYS1 hi-lvl).

    ACF2 equivalent: 

     ACF        
    SET LID  
    Insert R3SP STC NAME(R3SP started task) GROUP(SYS1)
     SET RULE 
    RECKEY SYS1TMP ADD( - UID(UID string for R3SP) ALLOCATE(A) 
    RECKEY SYS1 ADD( - UID(UID string for R3SP) ALLOCATE(A)
  2. Need one profile, if possible, for Started Tasks. All will run under R3SP.
    R3SP, Procs will need to be added to proclib concatenation. Proc members are R3SV2IPL and R3SV2TSO and can be found in SYS1.RSSS.SAMPLIB.

    ACF2 equivalent:

     ACF        
    SET CONTROL(GSO)  
    INSERT STCR3SP LOGONID(R3SP) STCID(R3S-)
  3. Need a SURROGAT for R3SP.SUBMIT with R3S group permitted with READ

    ACF2 equivalent:

     ACF 
    SET RESOURCE(SUR)
    RECKEY R3SP ADD( SUBMIT UID(UID string for R3SP) ALLOW)
  4. Need the following defined to FACILITY class with R3SP granted READ access

     MVS.NFTP.TRUST.*.R0DFTP0% 
    ACF2 equivalent: 
    ACF 
    SET RESOURCE(FAC) 
    RECKEY MVS ADD( NFTP.TRUST.-.R0DFTP0* UID(UID string for R3SP) - SERVICE(READ) ALLOW)
Powered by Wolken Software