search cancel

How to determine if the RULELONG facility of CA ACF2 Security should be utilized?


Article ID: 53596


Updated On:


ACF2 ACF2 - DB2 Option ACF2 - z/OS ACF2 - MISC



A site can determine the need to increase the 4K rulesize to a larger size with RULELONG by evaluating their current access and resource rules.



Component: ACF2MS


RULELONG allows for access and resource rules greater than 4K up to a maximum of 32K. The first thing to determine is if there is really a need to increase the size of the rules. If there are only have 3-6 rules that are over 4K, then it would be better off leaving the rules at 4k, and making these few rules and their NEXTKEYS as resident, either in RESRULES or INFODIR depending on the type. If there are many rules that are over 4K or a large number of rules that are approaching the NEXTKEY nesting limit of 25 then increasing the rulesize should be considered.

There are two REXX EXECs in ACF2.CAIREXX that can be used to determine the size of resource and access rules and sort them from largest to smallest. The REXX EXEC ACFRSCSZ can be used for resource rules and ACFDSNSZ can be used for access rules.

For detailed steps on implementing RULELONG see the CA/Broadcom Techdocs step 6 under Follow These Steps on page 'Create CA ACF2 VSAM Databases'.