SDSF MENU の「ULOG USER SESSION LOG」表示/非表示について
search cancel

SDSF MENU の「ULOG USER SESSION LOG」表示/非表示について

book

Article ID: 251146

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

z/OS 2.5環境でSDSFのISFPRMxx定義をTop Secretにコンバートしました。

SDSF MENUで表示のコマンドで、「ULOG  USER SESSION LOG」を非表示とするために、
以下の定義を指定していますが、当定義が有効とならず「ULOG  USER SESSION LOG」を非表示とすることができません。

TSS PER(acid) SDSF(ISFCMD.ODSP.ULOG.) ACC(NONE)

「ULOG  USER SESSION LOG」を非表示とするためには、どのような定義が必要ですか?

Resolution

IBM PTF PH38663 によると, z/OS 2.5環境ではULOG パネルの実行にSAFは必要ないようです。

PH38663

In SDSF V2R5, entering a command, user receives console
activation failure messages when not authorized to the EMCS
console. An option is needed to condition console activation
based on ULOG authorization.

As of SDSF V2R5, access to the ULOG panel no longer requires SAF
access to the ULOG command.

SDSF adds messages that are unrelated to commands and responses
to ULOG, such as sectrace.  SDSF V2R5 users can now view those
messages without the need for ULOG authority.

SDSF activates an extended console (EMCS) when the first
system command is issued or when the ULOG is accessed.  However,
some installations do not grant access to users to activate an
extended console and instead use ULOG authority to restrict
console usage.
This APAR implements a new ISFPRMxx custom property,
Console.EMCS.UlogAuthReq, to allow the installation to
maintain this preference.

With this change, access to the ULOG panel will remain
unauthorized.  When the property is set to FALSE (the
default), SDSF will activate the extended console when the
first system command is generated or the ULOG panel is
accessed.  The user must be authorized to activate the
console.

When the property is set to TRUE, SDSF will check READ
access to resource ISFCMD.ODSP.ULOG.jesx in the SDSF
class.  If the user has access, the extended console will
be activated.  Otherwise, the activation will be skipped.

See the doc hold associated with this APAR for more
information on the custom property.

This APAR includes changes to the SDSF V2R5 sample
ISF.ISFJCL(ISFPRM01) to include the new custom property.
For the down-level systems SDSF V2R3 and SDSF V2R4,
this APAR contains toleration support
to ignore the custom property at those levels.  This allows
you to share ISFPRMxx between SDSF V2R3, V2R4, and V2R5.

This APAR may be installed at any time.  However, if you
install the APAR on SDSF V2R5, and share your ISFPRMxx that
includes the new custom property, you must install the APAR
on your SDSF V2R3 and SDSF V2R4 systems.

Alternatively, if you install the APAR on SDSF V2R5 and share
your ISFPRMxx, do not include the new custom property until
the APAR has been installed on SDSF V2R3 and SDSF V2R4.

 

z/OS 2.5より前のリリースでは、SDSF MENU表示時に、SDSFクラスの「ISFCMD.ODSP.ULOG.jesx」に対する検証要求が確認できますが、
z/OS 2.5では、当資源に対する検証要求は確認することができません。

SDSF MENU表示時に、「ULOG  USER SESSION LOG」表示/非表示を決定する検証要求が実施されておりませんので
Top Secretでは、SDSF MENU表示時の「ULOG  USER SESSION LOG」表示/非表示を制御することはできません。

z/OS 2.5環境でのULOG パネル表示/非表示の制御についてはIBM社にご確認ください。

Additional Information

Old Japanese Knowledge document ID: JTEC003130

CA Top Secretのその他FAQについては、以下のリンクからご確認ください。

CA Top Secret FAQ一覧表

Powered by Wolken Software