I was told by a co-worker that I should see resource validations when I generate or use a passticket when I logon. I do not see any resource validations - what have I done wrong.
search cancel

I was told by a co-worker that I should see resource validations when I generate or use a passticket when I logon. I do not see any resource validations - what have I done wrong.

book

Article ID: 14566

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

I was told that I need to setup resource rules in the PTKTDATA  resource class for generation
and validation of a passticket for logon requests.

When I ran a SECTRACE during the generation and logon process, I did not see any resource
validations.

What am I missing?

Environment

Release: ACF2..001AO-16-ACF2
Component:

Resolution

There are two types of resource validations taking place with PASSTICKET generation and validation. 
both use resource class PTKTDATA. 
The first is from calls using R_ticketserv or r_gensec callable services. 
They have resource names of IRRPTAUTH.applid.userid. 

The second calls are made if you have PTKRESCK set in the C(GSO) OPTS record in ACF2. 
This is optional. If you do not have the bit set, we do not issue the resource validation. 

If you are not using the callable services but are using the program that is anchored in RCVTPTGN - there is no validation for the resource. 

so it looks like you are not using the callable service and you do not have the validation bit set.... 

THEREFORE THERE ARE NO VALIDATIONS. 

Powered by Wolken Software