Is there a CA ACF2 attribute similar to ROAUDIT in RACF?


Article ID: 14628


Updated On:


CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC CA PanApt CA PanAudit


The ROAUDIT attribute 

A user who has the ROAUDIT attribute has the authority to list auditing information using the LISTDSD, RLIST, LISTUSER, LISTGRP, SETROPTS LIST, and SEARCH commands, as well as the IRRUT100 utility.


Is there a CA ACF2 attribute similar to ROAUDIT in RACF?


Component: ACF2MS



A user with the AUDIT privilege defined in their logonid record can display logonid records, access and resource rules, and infostorage records. A logonid with this privilege is known as an auditor. An auditor can issue the ACF SHOW subcommands that display CA ACF2 system control options, but an auditor cannot modify any of these components of the CA ACF2 system. An auditor cannot update or delete logonid records or access any resources other than those authorized through rules, although a site can authorize auditors to update certain logonid record fields. The AUDIT privilege also gives users search and read access to directories in HFS.

Additional Information

For more information on AUDIT and other CA ACF2 attributes, please review the CA ACF2 documentation.