z/OS Security Server RACF System Programmer's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Using utilities with the OPERATIONS or group-OPERATIONS attribute

z/OS Security Server RACF System Programmer's Guide
SA23-2287-00

A user who has the OPERATIONS attribute can do the following:
  • Create, rename, and define group data sets for groups except when both of the following are true:
    • The user is connected to the group with less than CREATE authority
    • The user has less than ALTER access to the data set if it is protected by a generic profile
  • Create, rename, and define user data sets that are prefixed by another user's user ID (unless, for rename, specifically prohibited in the data set's access list).

Thus, a user with the OPERATIONS attribute can perform many operations on DASD data sets using the system utilities.

The group-OPERATIONS user can perform all operations that can be performed by the OPERATIONS user; however, the authority is limited to the resources that are within the scope of the group to which the user is connected with the group-OPERATIONS attribute. For more information on the scope of the group, see z/OS Security Server RACF Command Language Reference.

Parent topic: Using utilities on RACF-protected DASD data sets

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014