Description:
IBM's RACF SDSF commands documentation converted to Top Secret
*
**** start of IBM doc *****
You can also use SAF to control membership in groups defined with ISFPARMS.
To do this:
Solution:
The details of memberships can be summarized as follows:
Function | Resource Name | Class | Access |
Membership in Group | GROUP.group-name.server-name | SDSF | READ |
Note:
If the SDSF client is not connected to the SDSF server, the server-name is blank.
Then, as shown in this table, it is translated to RACF as follows:
Resolution:
To authorize membership in a group in ISFPARMS, issue the following commands:
RDEFINE SDSF GROUP.group-name.server-name UACC(NONE) PERMIT GROUP.group-name.server-name CLASS(SDSF) ID(userid or groupid) ACCESS(READ)
Converted to a CA Top Secret TSS command:
TSS ADD(owningacid) SDSF(GROUP.)
TSS PER(aciduser or acidprofile) SDSF(GROUP.group-name.server-name) -
ACCESS(READ)
Please refer to: