We have some RACF resource access commands from Tivoli System automation for Z/os. How do I convert that to CA ACF2?

SYSAUTO general resource class controlled by SA z/OS:

The rules that IBM supply all have UACC(none) which mean that no-one has any

access to any of the resources.

/*-------------------------------------------------------------------/

/* Define resource profiles in class SYSAUTO to control access to

/* automation resources.

/* -------------------------------------------------------------------/

/*

RDEFINE SYSAUTO AGT.*.*.RES._CONFIG UACC(NONE) +

DATA('Protects the automation configuration data model')

RDEFINE SYSAUTO AGT.*.*.RES._MANAGER UACC(NONE)+

DATA('Protects control of the Automation Manager in general')

RDEFINE SYSAUTO AGT.*.*.RES._MANAGER.DIAG UACC(NONE) +

DATA('Protects control of the Automation Manager diagnostics')

RDEFINE SYSAUTO AGT.*.*.RES._MANAGER.PACING UACC(NONE) +

DATA('Controls the release function of the INGPAC command')

IBM SYSAUTO resource class could be converted to an ACF2 resource rule with a TYPE of SYA.

The default resource type for any resource class is the first three characters of the class.

In this case it would be SYSauto - $TYPE(SYA) the default access is always NO ACCESS so you would need to write rules to allow users to access these resources under CA ACF2.

For example.

$KEY(AGT) TYPE(SYA)

-.RES._CONFIG UID(user allowed access) ALLOW

-.RES._MANAGER UID(user allowed access) ALLOW

-.RES._MANAGER.DIAG UID(user allowed access) ALLOW

-.RES._MANAGER.PACING UID(user allowed access) ALLOW

The product is Tivoli System Automation for z/OS 3.5.0, information available on following link:

http://www-01.ibm.com/support/knowledgecenter/SSWRCJ_3.5.0/com.ibm.safos.doc_3.5/acz_resources_r.html