z/OS DFSMSdss Storage Administration
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


SMS-managed data set protection

z/OS DFSMSdss Storage Administration
SC23-6868-01

A data set profile may contain a DFP segment. The DFP segment contains a RESOWNER field, which may be used to specify the owner of an SMS-managed data set that is protected by the data set profile. If a new SMS-managed data set is allocated, the user or group ID in the RESOWNER field must have at least READ access to any MGMTCLAS and STORCLAS profile used in the allocation when:
  • Your installation has activated the RACF® general resource classes MGMTCLAS and STORCLAS.
  • Profiles have been defined in those classes to protect against unauthorized usage of an SMS management class name or a storage class name.

If RESOWNER is not specified when the data set is allocated, the user or group ID that matches the high-level qualifier is used as the data set owner. Regardless of who owns an SMS-managed data set, you can select different default values for MGMTCLAS and STORCLAS by using those parameters with the COPY or RESTORE command. When you do, RACF checks to ensure that the data set owner, rather than you, is authorized to use the specified MGMTCLAS and STORCLAS. The user or group ID must not be revoked.

Storage class and Management class authorization checking can be bypassed for logical and physical data set restore and physical data set copy processing by using the ADRPATCH Serviceability Aid with the ADMINISTRATOR keyword.

Related reading: For more information about using the ADRPATCH Serviceability Aid, see DFSMSdss patch area.

Parent topic: General data security information

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014