A fix is available
APAR status
Closed as new function.
Error description
PROVIDE AN INSTALLATION OPTION TO ALLOW THE USE OF FILE MANAGER DB2 WITHOUT REQUIRING ANY ACCESS TO *AUTH DB2 CATALOG TABLES
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of File Manager DB2 component. * **************************************************************** * PROBLEM DESCRIPTION: File Manager DB2 component requires * * SELECT access on all DB2 catalog tables * * to be available to each FM/DB2 user. * * This requirement can conflict with * * the security policy in place at some * * sites which forbids access to the *AUTH * * DB2 catalog tables. * **************************************************************** * RECOMMENDATION: Apply the provided PTF. * **************************************************************** While File Manager DB2 component will currently work without any SELECT access to the DB2 *AUTH catalog tables, a better method of accommodating this requirement is needed.
Problem conclusion
Temporary fix
Comments
Enhancement APAR. File Manager DB2 component (FM/DB2) has been changed to provide a new installation parameter - AUTH_ACCESS. When set to 'N' those parts of FM/DB2 that access the *AUTH DB2 catalog tables are explicitly disabled. No additional changes are required after application of the APAR if the existing behaviour (access to the *AUTH DB2 catalog tables is available to FM/DB2 users) is acceptable. When access to the *AUTH tables is to be restricted: 1. Code AUTH_ACCESS=N in the FMN2SSDM macro entries (FMN2POPT module) for those DB2 systems where the access is to be restricted. 2. Re-assemble the FMN2POPT module 3. Review the sample member used to grant SELECT access on the DB2 *AUTH catalog tables to FM/DB2 users. You should revoke any access on the *AUTH tables granted to FM/DB2 users either directly, or via a view. If views of the DB2 *AUTH catalog tables were used, consider dropping those views. Publication Closing Code: DEVCHNG For the documentation changes associated with this APAR, please refer to: ftp://public.dhe.ibm.com/software/websphere/awdtools/ filemanager/fmv12apar.pdf The changes are to the following publications: PUB ID PUB NAME ------------ ---------------------------------------- SC19-3673-00 File Manager for z/OS V12R1 Customization Guide The latest published manuals can be found at: http://www.ibm.com/software/awdtools/filemanager/library/ index.html.
APAR Information
APAR number
PM72197
Reported component name
FILE MANAGER Z/
Reported component ID
5655W6800
Reported release
C12
Status
CLOSED UR1
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2012-09-04
Closed date
2012-11-20
Last modified date
2012-12-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
128AC7Ÿ
Modules/Macros
FMN2LVL
| SC19367300 |
Fix information
Fixed component name
FILE MANAGER Z/
Fixed component ID
5655W6800
Applicable component levels
RC12 PSY UK83656
UP12/11/24 P F211
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"C12","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSXJAV","label":"File Manager for z\/OS"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"C12","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
04 December 2012